SilverTongued

  1. thanks.. I'm a Nebraskan...
  2. Malwarebytes' Anti-Malware 1.45
     Malwarebytes Database version: 3988
     Windows 5.1.2600 Service Pack 3
     Internet Explorer 8.0.6001.18702

     4/14/2010 4:08:43 PM
     mbam-log-2010-04-14 (16-08-43).txt

     Scan type: Full scan (C:\|D:\|)
     Objects scanned: 180359
     Time elapsed: 49 minute(s), 52 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 2

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     (No malicious items detected)

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     C:\System Volume Information\_restore{3516E5D2-45FB-4556-B8E3-6D923EA4B501}\RP1160\A0076018.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
     C:\System Volume Information\_restore{3516E5D2-45FB-4556-B8E3-6D923EA4B501}\RP1160\A0076019.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar "{9F9F3775-7E5B-4028-B5E5-DA1C042517A8}" = EPSON Photo Print "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger "{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1 "{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.2 "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8 "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B28B351F-1232-46EA-85EF-B8EA91641033}" = Nero 7 Essentials "{B69CC1A5-0404-11D6-ABCB-005004C21D30}" = EPSON Copy Utility "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb 
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "AVG8Uninstall" = AVG 8.5 "EPSON Printer and Utilities" = EPSON Printer Software "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InstallShield_{38B38A94-44D7-4BA0-818C-53C40C964D97}" = MapSource - City Navigator North America v6 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Silent Package Run-Time Sample" = EPSON PERF 3170Guide "Spyware Doctor" = Spyware Doctor 5.1 "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! Messenger" = Yahoo! Messenger "Yahoo! Software Update" = Yahoo! Software Update "YInstHelper" = Yahoo! Install Manager ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Smilebox" = Hallmark Smilebox ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 4/12/2010 7:01:04 PM | Computer Name = NEBRASKA | Source = MsiInstaller | ID = 11303 Description = Product: SUPERAntiSpyware Free Edition -- Error 1303. 
The installation has insufficient privileges to access this directory: C:\Program Files\SUPERAntiSpyware. The installation cannot continue. Log on as administrator or contact your system administrator. Error - 4/12/2010 7:01:05 PM | Computer Name = NEBRASKA | Source = MsiInstaller | ID = 11303 Description = Product: SUPERAntiSpyware Free Edition -- Error 1303. The installation has insufficient privileges to access this directory: C:\Program Files\SUPERAntiSpyware. The installation cannot continue. Log on as administrator or contact your system administrator. Error - 4/12/2010 7:01:06 PM | Computer Name = NEBRASKA | Source = MsiInstaller | ID = 11303 Description = Product: SUPERAntiSpyware Free Edition -- Error 1303. The installation has insufficient privileges to access this directory: C:\Program Files\SUPERAntiSpyware. The installation cannot continue. Log on as administrator or contact your system administrator. Error - 4/12/2010 7:01:08 PM | Computer Name = NEBRASKA | Source = MsiInstaller | ID = 11303 Description = Product: SUPERAntiSpyware Free Edition -- Error 1303. The installation has insufficient privileges to access this directory: C:\Program Files\SUPERAntiSpyware. The installation cannot continue. Log on as administrator or contact your system administrator. Error - 4/12/2010 9:41:17 PM | Computer Name = NEBRASKA | Source = MsiInstaller | ID = 11406 Description = Product: SUPERAntiSpyware Free Edition -- Error 1406. Could not write value DisplayIcon to key \Software\Microsoft\Windows\CurrentVersion\Uninstall\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}. System error . Verify that you have sufficient access to that key, or contact your support personnel. Error - 4/12/2010 9:41:18 PM | Computer Name = NEBRASKA | Source = MsiInstaller | ID = 11406 Description = Product: SUPERAntiSpyware Free Edition -- Error 1406. Could not write value DisplayIcon to key \Software\Microsoft\Windows\CurrentVersion\Uninstall\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}. System error . 
Verify that you have sufficient access to that key, or contact your support personnel. Error - 4/12/2010 9:41:19 PM | Computer Name = NEBRASKA | Source = MsiInstaller | ID = 11406 Description = Product: SUPERAntiSpyware Free Edition -- Error 1406. Could not write value DisplayIcon to key \Software\Microsoft\Windows\CurrentVersion\Uninstall\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}. System error . Verify that you have sufficient access to that key, or contact your support personnel. Error - 4/12/2010 9:41:26 PM | Computer Name = NEBRASKA | Source = MsiInstaller | ID = 11406 Description = Product: SUPERAntiSpyware Free Edition -- Error 1406. Could not write value DisplayIcon to key \Software\Microsoft\Windows\CurrentVersion\Uninstall\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}. System error . Verify that you have sufficient access to that key, or contact your support personnel. Error - 4/12/2010 9:41:37 PM | Computer Name = NEBRASKA | Source = MsiInstaller | ID = 11904 Description = Product: SUPERAntiSpyware Free Edition -- Error 1904. Module C:\Program Files\SUPERAntiSpyware\SASSEH.DLL failed to register. HRESULT -2147024891. Contact your support personnel. Error - 4/12/2010 9:41:39 PM | Computer Name = NEBRASKA | Source = MsiInstaller | ID = 11904 Description = Product: SUPERAntiSpyware Free Edition -- Error 1904. Module C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL failed to register. HRESULT -2147024891. Contact your support personnel. 
[ System Events ] Error - 4/12/2010 10:08:18 AM | Computer Name = NEBRASKA | Source = Service Control Manager | ID = 7000 Description = The MCSTRM service failed to start due to the following error: %%2 Error - 4/12/2010 9:19:34 PM | Computer Name = NEBRASKA | Source = Service Control Manager | ID = 7000 Description = The MCSTRM service failed to start due to the following error: %%2 Error - 4/13/2010 9:29:10 AM | Computer Name = NEBRASKA | Source = Service Control Manager | ID = 7000 Description = The MCSTRM service failed to start due to the following error: %%2 Error - 4/13/2010 9:56:30 AM | Computer Name = NEBRASKA | Source = Service Control Manager | ID = 7000 Description = The MCSTRM service failed to start due to the following error: %%2 Error - 4/13/2010 9:41:35 PM | Computer Name = NEBRASKA | Source = Service Control Manager | ID = 7000 Description = The MCSTRM service failed to start due to the following error: %%2 Error - 4/14/2010 9:20:43 AM | Computer Name = NEBRASKA | Source = Service Control Manager | ID = 7000 Description = The MCSTRM service failed to start due to the following error: %%2 Error - 4/14/2010 10:54:36 AM | Computer Name = NEBRASKA | Source = Service Control Manager | ID = 7000 Description = The MCSTRM service failed to start due to the following error: %%2 Error - 4/14/2010 5:04:52 PM | Computer Name = NEBRASKA | Source = Service Control Manager | ID = 7000 Description = The MCSTRM service failed to start due to the following error: %%2 Error - 4/14/2010 5:13:13 PM | Computer Name = NEBRASKA | Source = Service Control Manager | ID = 7000 Description = The MCSTRM service failed to start due to the following error: %%2 Error - 4/14/2010 6:12:43 PM | Computer Name = NEBRASKA | Source = Service Control Manager | ID = 7000 Description = The MCSTRM service failed to start due to the following error: %%2 < End of report >
  3. I'm not sure what I have for a virus. Whether it's a worm, trojan, or whatever. I'm thinking that I clicked on an MSN Messenger ad, when I shouldn't have, because I now have a problem with it sending out mass emails to all of my contacts. Unfortunately, I was gone from home for 5 days, and wasn't able to run any spyware. I started noticing it the day after I got back, when about 20 emails were sent out. It's only affecting my MSN account, so that's why I am assuming that it was through my MSN Messenger account. The computer I have is hand made by my nephew, who used to work for Microsoft. He installed AVG Free Edition, and PC Tools. Since then I have installed MalwareBytes, and SuperAntiSpyware. I have run all three softwares, and they have told me nothing is on there, as far as any virus. I have read what there is on the forum, and noticed that I should turn off one of the AV systems when doing a scan, and have noticed it does do a check of the other AV. I have also gone into the MSN help page, and saw nothing that will help me. My system is as follows: Dell (model is unknown) XP Pro version 2002 Service Pack 3 Help Please...
  4. I just joined today, by way of a Ning site. I've had a computer for about ten years, and this is my third one. It was hand built by my nephew, who used to work for Microsoft. I reside in the USA, but have friends throughout the UK and Scotland, through the Ning site. I'm looking forward to being a friend on here. I'm not sure how much I can contribute, but will be looking forward to learning through the help I can get here. Thanks.