Solved cdn4.specificclick.net

ComboFix 10-08-12.03 - Owner 08/13/2010 22:03:16.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.495.199 [GMT -7:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100813-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Owner\GoToAssistDownloadHelper.exe
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\search.html
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\temp1.htm
c:\documents and settings\Owner\Recent\Thumbs.db
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2010-07-14 to 2010-08-14 )))))))))))))))))))))))))))))))
.

2010-08-12 03:39 . 2010-08-12 03:39 -------- d-----w- c:\program files\gmer
2010-08-12 03:37 . 2010-08-12 03:37 284915 ----a-w- c:\program files\gmer.zip
2010-08-12 02:46 . 2010-08-12 02:46 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2010-08-12 02:45 . 2010-04-29 22:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-12 02:45 . 2010-08-12 02:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-12 02:45 . 2010-04-29 22:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-12 02:45 . 2010-08-12 02:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-12 02:43 . 2010-08-12 02:43 6153376 ----a-w- c:\program files\mbam-setup-1.46.exe
2010-08-04 01:46 . 2010-08-04 01:46 -------- d-----w- c:\windows\system32\wbem\Repository

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-06 04:36 . 2010-03-24 04:31 439816 ----a-w- c:\documents and settings\Owner\Application Data\Real\Update\setup3.10\setup.exe
2010-06-30 12:31 . 2005-03-23 16:52 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-26 02:29 . 2009-11-07 02:58 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-06-24 12:15 . 2005-03-23 16:53 832512 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:15 . 2005-03-23 16:52 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 12:15 . 2005-03-23 16:52 17408 ----a-w- c:\windows\system32\corpol.dll
2010-06-23 13:44 . 2005-03-23 16:53 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-23 03:41 . 2010-06-23 03:41 501936 ----a-w- c:\documents and settings\All Users\Application Data\Google\Google Toolbar\Update\gtb139B.tmp.exe
2010-06-21 15:27 . 2005-03-23 16:52 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2005-03-23 16:52 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2005-03-23 18:10 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:41 . 2005-03-23 16:52 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-05-26 01:24 . 2010-05-26 01:24 503808 -c--a-w- c:\documents and settings\Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-6331b6fb-n\msvcp71.dll
2010-05-26 01:24 . 2010-05-26 01:24 499712 -c--a-w- c:\documents and settings\Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-6331b6fb-n\jmc.dll
2010-05-26 01:24 . 2010-05-26 01:24 348160 -c--a-w- c:\documents and settings\Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-6331b6fb-n\msvcr71.dll
2010-05-26 01:24 . 2010-05-26 01:24 61440 -c--a-w- c:\documents and settings\Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-2eb1f891-n\decora-sse.dll
2010-05-26 01:24 . 2010-05-26 01:24 12800 -c--a-w- c:\documents and settings\Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-2eb1f891-n\decora-d3d.dll
2009-11-06 07:53 . 2009-11-06 07:53 8416452 ----a-w- c:\program files\audioextractor.exe
2009-10-05 08:01 . 2009-10-05 08:01 570208 ----a-w- c:\program files\googleupdatesetup.exe
2008-10-14 00:27 . 2008-10-14 00:27 961204 ----a-w- c:\program files\extractnow.exe
2008-10-12 03:34 . 2008-10-12 03:34 1234120 ----a-w- c:\program files\wrar380.exe
2008-07-20 19:20 . 2008-07-20 19:19 38005024 ----a-w- c:\program files\AVSVideoConverter.exe
2008-05-04 03:14 . 2008-05-04 03:14 243864 ----a-w- c:\program files\prismsetup.exe
2007-08-16 06:15 . 2007-08-16 06:15 381952 -c--a-w- c:\program files\justzipit.exe
2007-01-10 06:43 . 2007-01-10 06:43 14994392 -c--a-w- c:\program files\GoogleEarthWin.exe
2006-12-11 08:48 . 2006-12-11 08:48 9918872 -c--a-w- c:\program files\WMEncoder.exe
2005-12-31 23:24 . 2005-12-31 02:49 7079 -c--a-w- c:\program files\hijackthis.log
2005-12-31 20:57 . 2005-12-31 20:57 532480 -c--a-w- c:\program files\CWShredder.exe
2005-12-31 02:46 . 2005-12-31 02:46 218112 ----a-w- c:\program files\HijackThis.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI "= "MIDIDef.exe" [2002-01-14 61440]
"swg "= "c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-10 68856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} "= "c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-04-24 149040]
"SpybotSD TeaTimer "= "c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"updateMgr "= "c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"Google Update "= "c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-02-08 135664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DevconDefaultDB "= "c:\windows\READREG" [X]
"SunKistEM "= "c:\program files\Digital Media Reader\shwiconem.exe" [2004-11-15 135168]
"IgfxTray "= "c:\windows\system32\igfxtray.exe" [2004-08-20 155648]
"HotKeysCmds "= "c:\windows\system32\hkcmd.exe" [2004-08-20 118784]
"RemoteControl "= "c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-03 32768]
"Recguard "= "c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
"WINDVDPatch "= "CTHELPER.EXE" [2002-07-03 24576]
"Jet Detection "= "c:\program files\Creative\SBLive\PROGRAM\ADGJDet.exe" [2001-11-29 28672]
"Disc Detector "= "c:\program files\Creative\ShareDLL\CtNotify.exe" [2001-12-26 191488]
"Reminder "= "c:\windows\Creator\Remind_XP.exe" [2005-02-26 966656]
"avast! "= "c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"IntelliPoint "= "c:\program files\Microsoft IntelliPoint\point32.exe" [2005-03-23 217088]
"Motive SmartBridge "= "c:\progra~1\Verizon\SMARTB~1\MotiveSB.exe" [2006-06-23 438359]
"UpdReg "= "c:\windows\Updreg.exe" [2000-05-11 90112]
"AudioHQ "= "c:\program files\Creative\SBLive2k\AudioHQ\AHQTB.EXE" [2000-05-11 205312]
"TkBellExe "= "c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-09-20 198160]
"NeroFilterCheck "= "c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-16 153136]
"QuickTime Task "= "c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"SunJavaUpdateSched "= "c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-7-16 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Macromedia\\Fireworks MX\\Fireworks.exe "=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe "=
"c:\\WINDOWS\\system32\\sessmgr.exe "=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe "=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [4/5/2008 6:14 PM 114768]
R1 ewido security suite driver;ewido security suite driver;c:\program files\ewido anti-malware\guard.sys [12/30/2005 4:12 AM 3072]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4/5/2008 6:14 PM 20560]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/8/2010 11:42 AM 135664]
.
Contents of the 'Scheduled Tasks' folder

2010-08-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 20:34]

2010-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 18:41]

2010-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 18:41]

2010-08-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2750416039-201122838-359310041-1003Core.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-02-08 09:17]

2010-08-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2750416039-201122838-359310041-1003UA.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-02-08 09:17]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe "
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &AOL Toolbar search - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTML
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\1hpaxfmn.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - plugin: c:\documents and settings\Owner\Application Data\Move Networks\plugins\npqmp071505000010.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-RegistryMechanic - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-13 22:12
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Disc Detector = c:\program files\Creative\ShareDLL\CtNotify.exe?X???????????????????E?@?Disc Detector?A????? ?A?0 ????B?e!@???@???@?? C?????E?@?????????@?B???A????? ?A?? ????B???@?????P?????@?P ??????~?B~??????????@???????????????????B?????? ??????????????????????????r?B

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@= "FlashBroker "
"LocalizedString "= "@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101 "

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled "=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@= "c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe "

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@= "IFlashBroker4 "

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@= "{00020424-0000-0000-C000-000000000046} "

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
"Version "= "1.0 "
.
Completion time: 2010-08-13 22:19:32
ComboFix-quarantined-files.txt 2010-08-14 05:19

Pre-Run: 61,232,365,568 bytes free
Post-Run: 61,372,620,800 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT= "Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS= "Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 21A4A58A783D1203A5A4C6755AEEEEFB

 

When I do this, a window pops up that appears to be asking me if I want to run Combofix (not uninstall it). If my memory serves me correct, it's the same window that popped up the first time I ran the software. Are you sure this is the proper way to uninstall it with Windows XP?

 

Everything seems to be running perfectly now. I'm sorry, but I thought it was fixed. There's more?

 

Here is the OTL log part 1:

OTL logfile created on: 9/23/2010 9:28:34 PM - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

495.00 Mb Total Physical Memory | 247.00 Mb Available Physical Memory | 50.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 65.00% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 89.86 Gb Total Space | 56.97 Gb Free Space | 63.40% Space Free | Partition Type: NTFS
Drive D: | 3.30 Gb Total Space | 1.18 Gb Free Space | 35.78% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: IDLERACER
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/23 21:24:11 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2009/11/24 16:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 16:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 16:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 16:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 16:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/09/20 11:47:08 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/07/10 09:51:21 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/04/24 14:26:00 | 000,910,896 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/04/24 14:25:40 | 000,149,040 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/06/23 12:33:02 | 000,438,359 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Verizon\SmartBridge\MotiveSB.exe
PRC - [2005/11/30 02:47:52 | 000,013,888 | ---- | M] (ewido networks) -- C:\Program Files\ewido anti-malware\ewidoctrl.exe
PRC - [2005/05/11 09:05:41 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2005/03/23 16:26:09 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\point32.exe
PRC - [2004/11/15 15:04:32 | 000,135,168 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Digital Media Reader\shwiconEM.exe
PRC - [2002/07/23 11:00:00 | 000,167,424 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\ShareDLL\Mediadet.exe
PRC - [2002/07/02 17:56:00 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTHELPER.EXE
PRC - [2001/12/26 03:00:00 | 000,191,488 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\ShareDLL\CTNotify.exe
PRC - [2001/08/17 22:36:42 | 000,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe
PRC - [2000/05/11 01:00:00 | 000,205,312 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\SBLive2k\AudioHQ\ahqtb.exe


========== Modules (SafeList) ==========

MOD - [2010/09/23 21:24:11 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2009/06/19 00:34:16 | 000,008,704 | ---- | M] () -- C:\Program Files\Real\RealPlayer\rpchromebrowserrecordhelper.dll
MOD - [2008/04/13 17:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008/04/06 17:26:56 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll
MOD - [2006/08/02 12:04:10 | 000,122,880 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Verizon\SmartBridge\SBHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2009/11/24 16:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 16:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 16:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 16:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2005/12/18 10:41:35 | 000,151,616 | ---- | M] (ewido networks) [Disabled | Stopped] -- C:\Program Files\ewido anti-malware\ewidoguard.exe -- (ewido security suite guard)
SRV - [2005/11/30 02:47:52 | 000,013,888 | ---- | M] (ewido networks) [Auto | Running] -- C:\Program Files\ewido anti-malware\ewidoctrl.exe -- (ewido security suite control)
SRV - [2005/05/11 09:05:41 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2009/11/24 16:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/11/24 16:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/24 16:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/24 16:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/24 16:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/11/24 16:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008/04/13 11:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 11:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 11:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2006/07/05 11:10:23 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMPR5.sys -- (MREMPR5)
DRV - [2006/07/05 11:10:23 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
DRV - [2005/12/30 04:12:19 | 000,003,072 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\ewido anti-malware\guard.sys -- (ewido security suite driver)
DRV - [2004/11/15 17:41:54 | 000,036,804 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/06/17 15:56:22 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/06/17 15:55:38 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/06/17 15:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2002/07/24 13:52:26 | 000,998,004 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002/07/19 10:48:32 | 000,156,604 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2002/07/19 10:48:22 | 000,213,860 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2002/07/19 10:48:08 | 000,011,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2002/07/19 10:48:04 | 000,195,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2002/07/19 10:47:52 | 000,837,548 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2002/07/19 10:46:28 | 000,127,948 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2002/06/14 13:49:56 | 000,010,194 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\PFMODNT.SYS -- (PfModNT)
DRV - [2001/08/17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 21:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 13:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)
DRV - [2001/08/17 12:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001/08/17 12:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001/08/17 12:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
DRV - [2001/08/17 12:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\URLSearchHook: {2AA0FE3E-BB7C-7DE4-3FD1-D24B5ACFB827} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo "
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/09/23 14:20:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/31 20:14:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/15 01:16:17 | 000,000,000 | ---D | M]

[2009/10/05 19:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/05/18 15:40:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1hpaxfmn.default\extensions
[2009/09/29 22:50:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1hpaxfmn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/07/14 07:58:44 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1hpaxfmn.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/08/15 00:53:38 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/04/06 17:25:31 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/05/15 01:16:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/15 00:53:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2008/04/06 17:24:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\real-networks@partners.mozilla.com
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/07/17 20:21:00 | 003,883,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll

O1 HOSTS File: ([2010/08/13 22:12:33 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll File not found
O2 - BHO: (no name) - {2AA0FE3E-BB7C-7DE4-3FD1-D24B5ACFB827} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {52CE8742-BCE2-8A43-5E70-10C016F66C01} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [AudioHQ] C:\Program Files\Creative\SBLive2k\AudioHQ\ahqtb.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [DevconDefaultDB] C:\WINDOWS\READREG.exe (Creative Technology Limited)
O4 - HKLM..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CTNotify.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\point32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe ()
O4 - HKLM..\Run: [Motive SmartBridge] C:\Program Files\Verizon\SmartBridge\MotiveSB.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\WINDOWS\creator\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconEM.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [WINDVDPatch] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [SetDefaultMIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4eef-8da4-f99c7e0c9b92/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} http://www.live365.com/players/play365.cab (Live365Player Class)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15108/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {54D9498B-CF93-414F-8984-8CE7FDE0D391} - C:\Program Files\ewido anti-malware\shellhook.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/03/23 11:13:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/08/08 17:24:26 | 000,000,045 | -HS- | M] () - D:\autorun.inf.aug.8 -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: aux - C:\WINDOWS\System32\ctwdm32.dll (Creative Technology Ltd.)
Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.iyuv - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17183584330711040)

========== Files/Folders - Created Within 90 Days ==========

[2010/09/23 21:24:11 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/08/14 09:28:18 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/08/13 22:01:50 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/08/13 21:56:49 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/08/13 21:56:49 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/08/13 21:56:49 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/08/13 21:56:49 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/08/13 21:56:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/08/11 20:39:48 | 000,000,000 | ---D | C] -- C:\Program Files\gmer
[2010/08/11 19:46:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2010/08/11 19:45:48 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/11 19:45:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/08/11 19:45:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/11 19:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/11 19:43:13 | 006,153,376 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup-1.46.exe
[2010/06/27 21:56:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2009/11/06 00:53:28 | 008,416,452 | ---- | C] (AoAMedia.Com ) -- C:\Program Files\audioextractor.exe
[2009/10/05 01:01:13 | 000,570,208 | ---- | C] (Google Inc.) -- C:\Program Files\googleupdatesetup.exe
[2008/10/13 17:27:39 | 000,961,204 | ---- | C] (Nathan Moinvaziri ) -- C:\Program Files\extractnow.exe
[2008/07/20 12:19:58 | 038,005,024 | ---- | C] (Online Media Technologies Ltd. ) -- C:\Program Files\AVSVideoConverter.exe
[2008/05/03 20:14:12 | 000,243,864 | ---- | C] (NCH Software) -- C:\Program Files\prismsetup.exe
[2007/08/15 23:15:53 | 000,381,952 | ---- | C] (Free-backup.info) -- C:\Program Files\justzipit.exe
[2007/01/09 23:43:49 | 014,994,392 | ---- | C] (Macrovision Corporation) -- C:\Program Files\GoogleEarthWin.exe
[2006/12/11 01:48:56 | 009,918,872 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WMEncoder.exe
[2005/12/31 13:57:39 | 000,532,480 | ---- | C] (Trend Micro Incorporated) -- C:\Program Files\CWShredder.exe
[2005/12/30 19:46:20 | 000,218,112 | ---- | C] (Soeperman Enterprises Ltd.) -- C:\Program Files\HijackThis.exe
[2002/07/19 10:43:06 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/09/23 21:24:11 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/09/23 21:02:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/23 20:37:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2750416039-201122838-359310041-1003UA.job
[2010/09/23 18:37:05 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2750416039-201122838-359310041-1003Core.job
[2010/09/23 08:38:46 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Google Chrome.lnk
[2010/09/22 23:02:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/22 17:54:50 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/22 17:54:07 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/22 17:53:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/22 17:53:57 | 518,836,224 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/22 17:53:23 | 014,155,776 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.dat
[2010/09/22 17:53:05 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/09/20 23:06:27 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/09/17 00:21:55 | 000,000,681 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/15 17:26:32 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/12 12:30:20 | 000,130,048 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/06 20:23:39 | 003,840,936 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[2010/08/13 22:13:02 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/13 22:12:33 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/08/13 22:01:56 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/08/12 00:43:00 | 000,169,896 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/12 00:00:44 | 000,479,240 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/12 00:00:44 | 000,411,818 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/12 00:00:44 | 000,059,396 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/11 23:27:33 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MBRCheck.exe
[2010/08/11 20:37:45 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2010/08/11 19:45:51 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/11 19:43:14 | 006,153,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup-1.46.exe
[2010/08/09 10:30:09 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\dds.pif
[2010/08/03 19:28:46 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/07/15 21:03:05 | 013,783,040 | ---- | M] () -- C:\Documents and Settings\Owner\s-1-5-21-2750416039-201122838-359310041-1003.rrr
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

Here is the OTL Log Part 2

========== Files Created - No Company Name ==========

[2010/08/13 22:01:56 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/08/13 22:01:52 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/08/13 21:56:49 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/08/13 21:56:49 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/08/13 21:56:49 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/08/13 21:56:49 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/08/13 21:56:49 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/08/11 23:27:33 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MBRCheck.exe
[2010/08/11 20:37:42 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2010/08/11 19:45:51 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/09 10:30:09 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\dds.pif
[2010/07/15 21:02:37 | 013,783,040 | ---- | C] () -- C:\Documents and Settings\Owner\s-1-5-21-2750416039-201122838-359310041-1003.rrr
[2010/01/02 19:02:43 | 000,000,036 | ---- | C] () -- C:\WINDOWS\plugSpk.INI
[2009/09/18 20:07:14 | 000,155,708 | ---- | C] () -- C:\WINDOWS\System32\CTJBProg.dll
[2009/01/14 23:33:55 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2008/12/11 23:15:13 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2008/12/11 23:15:11 | 000,884,736 | ---- | C] () -- C:\WINDOWS\gmer.dll
[2008/10/11 20:34:32 | 001,234,120 | ---- | C] () -- C:\Program Files\wrar380.exe
[2008/05/03 21:45:46 | 000,001,028 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\AVIEncoder.wff
[2008/01/23 19:59:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NPE.INI
[2007/01/25 22:43:13 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2006/06/22 23:40:54 | 000,000,354 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/05/04 01:33:04 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2006/04/23 00:31:29 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006/04/11 23:42:54 | 000,000,520 | ---- | C] () -- C:\WINDOWS\netdet.ini
[2006/02/09 19:42:58 | 000,014,287 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/01/06 01:54:47 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/12/31 06:14:31 | 000,025,914 | ---- | C] () -- C:\WINDOWS\System32\stub68.ini
[2005/12/31 06:07:58 | 000,026,241 | ---- | C] () -- C:\WINDOWS\System32\stub67.ini
[2005/12/31 06:06:50 | 000,026,472 | ---- | C] () -- C:\WINDOWS\System32\stub66.ini
[2005/12/31 05:24:39 | 000,026,174 | ---- | C] () -- C:\WINDOWS\System32\stub65.ini
[2005/12/31 05:12:54 | 000,024,912 | ---- | C] () -- C:\WINDOWS\System32\stub64.ini
[2005/12/31 05:01:37 | 000,025,074 | ---- | C] () -- C:\WINDOWS\System32\stub63.ini
[2005/12/31 05:01:21 | 000,025,293 | ---- | C] () -- C:\WINDOWS\System32\stub62.ini
[2005/12/31 05:00:29 | 000,025,066 | ---- | C] () -- C:\WINDOWS\System32\stub61.ini
[2005/12/31 04:52:24 | 000,025,594 | ---- | C] () -- C:\WINDOWS\System32\stub60.ini
[2005/12/31 04:50:53 | 000,025,271 | ---- | C] () -- C:\WINDOWS\System32\stub59.ini
[2005/12/31 04:50:49 | 000,026,307 | ---- | C] () -- C:\WINDOWS\System32\stub58.ini
[2005/12/31 04:35:10 | 000,025,008 | ---- | C] () -- C:\WINDOWS\System32\stub57.ini
[2005/12/31 04:34:34 | 000,025,158 | ---- | C] () -- C:\WINDOWS\System32\stub56.ini
[2005/12/31 04:31:51 | 000,025,293 | ---- | C] () -- C:\WINDOWS\System32\stub55.ini
[2005/12/31 04:05:48 | 000,025,311 | ---- | C] () -- C:\WINDOWS\System32\stub54.ini
[2005/12/31 03:54:39 | 000,025,635 | ---- | C] () -- C:\WINDOWS\System32\stub53.ini
[2005/12/31 03:33:07 | 000,025,546 | ---- | C] () -- C:\WINDOWS\System32\stub52.ini
[2005/12/31 00:50:05 | 000,025,592 | ---- | C] () -- C:\WINDOWS\System32\stub51.ini
[2005/12/31 00:47:32 | 000,024,667 | ---- | C] () -- C:\WINDOWS\System32\stub50.ini
[2005/12/31 00:45:57 | 000,024,795 | ---- | C] () -- C:\WINDOWS\System32\stub49.ini
[2005/12/30 19:49:33 | 000,007,079 | ---- | C] () -- C:\Program Files\hijackthis.log
[2005/12/30 17:24:59 | 000,024,864 | ---- | C] () -- C:\WINDOWS\System32\stub48.ini
[2005/12/30 17:17:57 | 000,024,921 | ---- | C] () -- C:\WINDOWS\System32\stub47.ini
[2005/12/30 17:17:41 | 000,025,352 | ---- | C] () -- C:\WINDOWS\System32\stub46.ini
[2005/12/30 17:01:52 | 000,024,766 | ---- | C] () -- C:\WINDOWS\System32\stub45.ini
[2005/12/30 17:00:04 | 000,002,154 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2005/12/30 14:47:46 | 000,024,710 | ---- | C] () -- C:\WINDOWS\System32\stub44.ini
[2005/12/30 14:41:10 | 000,025,043 | ---- | C] () -- C:\WINDOWS\System32\stub43.ini
[2005/12/30 14:31:07 | 000,024,914 | ---- | C] () -- C:\WINDOWS\System32\stub42.ini
[2005/12/30 14:29:20 | 000,025,035 | ---- | C] () -- C:\WINDOWS\System32\stub41.ini
[2005/12/30 14:28:22 | 000,024,703 | ---- | C] () -- C:\WINDOWS\System32\stub40.ini
[2005/12/30 14:28:09 | 000,024,420 | ---- | C] () -- C:\WINDOWS\System32\stub39.ini
[2005/12/30 14:27:57 | 000,024,711 | ---- | C] () -- C:\WINDOWS\System32\stub38.ini
[2005/12/30 14:27:44 | 000,024,442 | ---- | C] () -- C:\WINDOWS\System32\stub37.ini
[2005/12/30 14:27:21 | 000,024,735 | ---- | C] () -- C:\WINDOWS\System32\stub36.ini
[2005/12/30 14:26:57 | 000,024,305 | ---- | C] () -- C:\WINDOWS\System32\stub35.ini
[2005/12/30 14:25:56 | 000,024,912 | ---- | C] () -- C:\WINDOWS\System32\stub34.ini
[2005/12/30 14:25:49 | 000,024,391 | ---- | C] () -- C:\WINDOWS\System32\stub33.ini
[2005/12/30 14:24:58 | 000,024,500 | ---- | C] () -- C:\WINDOWS\System32\stub32.ini
[2005/12/30 14:24:43 | 000,024,410 | ---- | C] () -- C:\WINDOWS\System32\stub31.ini
[2005/12/30 14:24:28 | 000,024,809 | ---- | C] () -- C:\WINDOWS\System32\stub30.ini
[2005/12/30 14:24:21 | 000,024,364 | ---- | C] () -- C:\WINDOWS\System32\stub29.ini
[2005/12/30 14:23:29 | 000,024,101 | ---- | C] () -- C:\WINDOWS\System32\stub28.ini
[2005/12/30 14:23:22 | 000,024,565 | ---- | C] () -- C:\WINDOWS\System32\stub27.ini
[2005/12/30 14:23:08 | 000,023,818 | ---- | C] () -- C:\WINDOWS\System32\stub26.ini
[2005/12/30 14:22:58 | 000,023,904 | ---- | C] () -- C:\WINDOWS\System32\stub25.ini
[2005/12/30 14:22:45 | 000,023,580 | ---- | C] () -- C:\WINDOWS\System32\stub24.ini
[2005/12/30 14:22:24 | 000,024,085 | ---- | C] () -- C:\WINDOWS\System32\stub23.ini
[2005/12/30 14:22:06 | 000,023,060 | ---- | C] () -- C:\WINDOWS\System32\stub22.ini
[2005/12/30 14:20:58 | 000,023,219 | ---- | C] () -- C:\WINDOWS\System32\stub21.ini
[2005/12/30 14:20:52 | 000,023,685 | ---- | C] () -- C:\WINDOWS\System32\stub20.ini
[2005/12/30 14:19:43 | 000,022,835 | ---- | C] () -- C:\WINDOWS\System32\stub19.ini
[2005/12/30 14:18:34 | 000,022,118 | ---- | C] () -- C:\WINDOWS\System32\stub18.ini
[2005/12/30 14:16:58 | 000,023,395 | ---- | C] () -- C:\WINDOWS\System32\stub17.ini
[2005/12/30 14:15:58 | 000,023,622 | ---- | C] () -- C:\WINDOWS\System32\stub16.ini
[2005/12/30 14:14:36 | 000,023,264 | ---- | C] () -- C:\WINDOWS\System32\stub15.ini
[2005/12/30 14:14:25 | 000,023,847 | ---- | C] () -- C:\WINDOWS\System32\stub14.ini
[2005/12/30 14:12:55 | 000,023,745 | ---- | C] () -- C:\WINDOWS\System32\stub13.ini
[2005/12/30 14:12:24 | 000,023,567 | ---- | C] () -- C:\WINDOWS\System32\stub12.ini
[2005/12/30 14:12:09 | 000,023,501 | ---- | C] () -- C:\WINDOWS\System32\stub11.ini
[2005/12/30 14:11:45 | 000,023,416 | ---- | C] () -- C:\WINDOWS\System32\stub10.ini
[2005/12/30 14:11:29 | 000,023,496 | ---- | C] () -- C:\WINDOWS\System32\stub9.ini
[2005/12/30 14:11:15 | 000,023,318 | ---- | C] () -- C:\WINDOWS\System32\stub8.ini
[2005/12/30 14:11:05 | 000,023,344 | ---- | C] () -- C:\WINDOWS\System32\stub7.ini
[2005/12/30 14:10:41 | 000,023,619 | ---- | C] () -- C:\WINDOWS\System32\stub6.ini
[2005/12/30 14:10:12 | 000,023,500 | ---- | C] () -- C:\WINDOWS\System32\stub5.ini
[2005/12/30 14:10:05 | 000,023,246 | ---- | C] () -- C:\WINDOWS\System32\stub4.ini
[2005/12/30 14:09:50 | 000,023,166 | ---- | C] () -- C:\WINDOWS\System32\stub3.ini
[2005/12/30 14:08:22 | 000,022,711 | ---- | C] () -- C:\WINDOWS\System32\stub2.ini
[2005/12/30 14:05:46 | 000,022,854 | ---- | C] () -- C:\WINDOWS\System32\stub1.ini
[2005/12/30 13:29:36 | 000,022,742 | ---- | C] () -- C:\WINDOWS\stub91.ini
[2005/12/30 13:29:17 | 000,025,728 | ---- | C] () -- C:\WINDOWS\stub90.ini
[2005/12/30 13:29:08 | 000,025,441 | ---- | C] () -- C:\WINDOWS\stub89.ini
[2005/12/30 13:28:57 | 000,025,543 | ---- | C] () -- C:\WINDOWS\stub88.ini
[2005/12/30 13:28:42 | 000,025,695 | ---- | C] () -- C:\WINDOWS\stub87.ini
[2005/12/30 13:25:58 | 000,025,438 | ---- | C] () -- C:\WINDOWS\stub86.ini
[2005/12/30 13:25:20 | 000,025,197 | ---- | C] () -- C:\WINDOWS\stub85.ini
[2005/12/30 13:21:45 | 000,025,684 | ---- | C] () -- C:\WINDOWS\stub84.ini
[2005/12/30 13:08:47 | 000,026,118 | ---- | C] () -- C:\WINDOWS\stub83.ini
[2005/12/30 13:02:42 | 000,025,882 | ---- | C] () -- C:\WINDOWS\stub82.ini
[2005/12/30 13:01:49 | 000,026,444 | ---- | C] () -- C:\WINDOWS\stub81.ini
[2005/12/30 13:01:35 | 000,025,840 | ---- | C] () -- C:\WINDOWS\stub80.ini
[2005/12/30 13:01:29 | 000,025,314 | ---- | C] () -- C:\WINDOWS\stub79.ini
[2005/12/30 11:28:01 | 000,025,812 | ---- | C] () -- C:\WINDOWS\stub78.ini
[2005/12/30 11:27:56 | 000,025,329 | ---- | C] () -- C:\WINDOWS\stub77.ini
[2005/12/30 10:48:55 | 000,026,785 | ---- | C] () -- C:\WINDOWS\stub76.ini
[2005/12/30 10:47:35 | 000,026,386 | ---- | C] () -- C:\WINDOWS\stub75.ini
[2005/12/30 10:47:31 | 000,026,446 | ---- | C] () -- C:\WINDOWS\stub74.ini
[2005/12/30 10:43:29 | 000,026,417 | ---- | C] () -- C:\WINDOWS\stub73.ini
[2005/12/30 08:23:42 | 000,026,300 | ---- | C] () -- C:\WINDOWS\stub72.ini
[2005/12/30 08:23:28 | 000,026,413 | ---- | C] () -- C:\WINDOWS\stub71.ini
[2005/12/30 08:17:47 | 000,025,626 | ---- | C] () -- C:\WINDOWS\stub70.ini
[2005/12/30 08:16:44 | 000,025,949 | ---- | C] () -- C:\WINDOWS\stub69.ini
[2005/12/30 08:08:50 | 000,025,914 | ---- | C] () -- C:\WINDOWS\stub68.ini
[2005/12/30 08:00:28 | 000,026,241 | ---- | C] () -- C:\WINDOWS\stub67.ini
[2005/12/30 07:56:56 | 000,026,472 | ---- | C] () -- C:\WINDOWS\stub66.ini
[2005/12/30 07:56:22 | 000,026,174 | ---- | C] () -- C:\WINDOWS\stub65.ini
[2005/12/30 07:52:21 | 000,024,912 | ---- | C] () -- C:\WINDOWS\stub64.ini
[2005/12/30 07:52:18 | 000,025,074 | ---- | C] () -- C:\WINDOWS\stub63.ini
[2005/12/30 07:51:36 | 000,025,293 | ---- | C] () -- C:\WINDOWS\stub62.ini
[2005/12/30 07:41:46 | 000,025,066 | ---- | C] () -- C:\WINDOWS\stub61.ini
[2005/12/30 07:39:57 | 000,025,594 | ---- | C] () -- C:\WINDOWS\stub60.ini
[2005/12/30 07:37:41 | 000,025,271 | ---- | C] () -- C:\WINDOWS\stub59.ini
[2005/12/30 07:31:52 | 000,026,307 | ---- | C] () -- C:\WINDOWS\stub58.ini
[2005/12/30 07:28:09 | 000,025,008 | ---- | C] () -- C:\WINDOWS\stub57.ini
[2005/12/30 07:27:25 | 000,025,158 | ---- | C] () -- C:\WINDOWS\stub56.ini
[2005/12/30 07:24:35 | 000,025,293 | ---- | C] () -- C:\WINDOWS\stub55.ini
[2005/12/30 07:23:19 | 000,025,311 | ---- | C] () -- C:\WINDOWS\stub54.ini
[2005/12/30 07:22:56 | 000,025,635 | ---- | C] () -- C:\WINDOWS\stub53.ini
[2005/12/30 07:21:49 | 000,025,546 | ---- | C] () -- C:\WINDOWS\stub52.ini
[2005/12/30 07:21:19 | 000,025,592 | ---- | C] () -- C:\WINDOWS\stub51.ini
[2005/12/30 07:19:59 | 000,024,667 | ---- | C] () -- C:\WINDOWS\stub50.ini
[2005/12/30 07:15:08 | 000,024,795 | ---- | C] () -- C:\WINDOWS\stub49.ini
[2005/12/30 07:10:33 | 000,024,864 | ---- | C] () -- C:\WINDOWS\stub48.ini
[2005/12/30 07:08:42 | 000,024,921 | ---- | C] () -- C:\WINDOWS\stub47.ini
[2005/12/30 07:05:21 | 000,025,352 | ---- | C] () -- C:\WINDOWS\stub46.ini
[2005/12/30 07:05:13 | 000,024,766 | ---- | C] () -- C:\WINDOWS\stub45.ini
[2005/12/30 06:59:29 | 000,024,710 | ---- | C] () -- C:\WINDOWS\stub44.ini
[2005/12/30 06:58:50 | 000,025,043 | ---- | C] () -- C:\WINDOWS\stub43.ini
[2005/12/30 06:58:45 | 000,024,914 | ---- | C] () -- C:\WINDOWS\stub42.ini
[2005/12/30 06:55:49 | 000,025,035 | ---- | C] () -- C:\WINDOWS\stub41.ini
[2005/12/30 06:54:47 | 000,024,703 | ---- | C] () -- C:\WINDOWS\stub40.ini
[2005/12/30 05:30:34 | 000,024,420 | ---- | C] () -- C:\WINDOWS\stub39.ini
[2005/12/30 04:32:35 | 000,024,711 | ---- | C] () -- C:\WINDOWS\stub38.ini
[2005/12/30 04:30:06 | 000,024,442 | ---- | C] () -- C:\WINDOWS\stub37.ini
[2005/12/30 04:04:59 | 000,024,735 | ---- | C] () -- C:\WINDOWS\stub36.ini
[2005/12/30 04:04:35 | 000,024,305 | ---- | C] () -- C:\WINDOWS\stub35.ini
[2005/12/30 04:03:52 | 000,024,391 | ---- | C] () -- C:\WINDOWS\stub33.ini
[2005/12/30 04:03:27 | 000,024,500 | ---- | C] () -- C:\WINDOWS\stub32.ini
[2005/12/30 04:03:25 | 000,024,410 | ---- | C] () -- C:\WINDOWS\stub31.ini
[2005/12/30 03:55:25 | 000,024,809 | ---- | C] () -- C:\WINDOWS\stub30.ini
[2005/12/30 03:52:46 | 000,024,364 | ---- | C] () -- C:\WINDOWS\stub29.ini
[2005/12/30 03:36:13 | 000,024,101 | ---- | C] () -- C:\WINDOWS\stub28.ini
[2005/12/30 03:35:38 | 000,024,565 | ---- | C] () -- C:\WINDOWS\stub27.ini
[2005/12/30 02:48:11 | 000,023,818 | ---- | C] () -- C:\WINDOWS\stub26.ini
[2005/12/30 02:48:08 | 000,023,904 | ---- | C] () -- C:\WINDOWS\stub25.ini
[2005/12/30 02:34:49 | 000,023,580 | ---- | C] () -- C:\WINDOWS\stub24.ini
[2005/12/30 02:28:08 | 000,024,085 | ---- | C] () -- C:\WINDOWS\stub23.ini
[2005/12/30 02:27:52 | 000,023,060 | ---- | C] () -- C:\WINDOWS\stub22.ini
[2005/12/30 02:26:37 | 000,023,685 | ---- | C] () -- C:\WINDOWS\stub20.ini
[2005/12/30 02:24:03 | 000,023,395 | ---- | C] () -- C:\WINDOWS\stub17.ini
[2005/12/30 02:21:45 | 000,023,264 | ---- | C] () -- C:\WINDOWS\stub15.ini
[2005/12/30 02:19:47 | 000,023,847 | ---- | C] () -- C:\WINDOWS\stub14.ini
[2005/12/30 02:18:39 | 000,023,745 | ---- | C] () -- C:\WINDOWS\stub13.ini
[2005/12/30 02:16:24 | 000,023,567 | ---- | C] () -- C:\WINDOWS\stub12.ini
[2005/12/30 02:15:20 | 000,023,501 | ---- | C] () -- C:\WINDOWS\stub11.ini
[2005/12/30 02:10:00 | 000,023,416 | ---- | C] () -- C:\WINDOWS\stub10.ini
[2005/12/30 02:09:34 | 000,023,496 | ---- | C] () -- C:\WINDOWS\stub9.ini
[2005/12/30 02:09:07 | 000,023,318 | ---- | C] () -- C:\WINDOWS\stub8.ini
[2005/12/30 02:08:26 | 000,023,344 | ---- | C] () -- C:\WINDOWS\stub7.ini
[2005/12/30 02:06:25 | 000,023,619 | ---- | C] () -- C:\WINDOWS\stub6.ini
[2005/12/30 02:02:57 | 000,023,500 | ---- | C] () -- C:\WINDOWS\stub5.ini
[2005/12/30 01:56:45 | 000,023,166 | ---- | C] () -- C:\WINDOWS\stub3.ini
[2005/12/30 01:52:37 | 000,022,711 | ---- | C] () -- C:\WINDOWS\stub2.ini
[2005/12/28 11:16:20 | 000,001,199 | ---- | C] () -- C:\WINDOWS\System32\logs1.ini
[2005/12/20 06:38:51 | 000,024,912 | ---- | C] () -- C:\WINDOWS\stub34.ini
[2005/12/09 08:49:27 | 000,023,622 | ---- | C] () -- C:\WINDOWS\stub16.ini
[2005/12/09 08:49:27 | 000,023,219 | ---- | C] () -- C:\WINDOWS\stub21.ini
[2005/12/09 08:49:27 | 000,022,835 | ---- | C] () -- C:\WINDOWS\stub19.ini
[2005/12/09 08:49:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2005/12/04 19:04:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\logs2.ini
[2005/12/04 05:47:22 | 000,022,118 | ---- | C] () -- C:\WINDOWS\stub18.ini
[2005/12/04 04:45:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\logs2.ini
[2005/12/02 04:18:48 | 000,023,246 | ---- | C] () -- C:\WINDOWS\stub4.ini
[2005/11/10 21:49:06 | 000,130,048 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/08/21 18:39:22 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\WavCodec.wff
[2005/07/29 21:53:48 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/07/27 20:52:56 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS45.DLL
[2005/07/27 06:19:27 | 000,000,196 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2005/07/27 06:19:25 | 000,000,231 | ---- | C] () -- C:\WINDOWS\ac3api.ini
[2005/07/27 06:18:58 | 000,037,727 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini
[2005/07/27 06:18:58 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2005/05/11 09:26:30 | 000,000,478 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/05/11 07:57:01 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2005/03/23 21:07:42 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/03/23 09:53:24 | 000,001,420 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/03/23 09:53:24 | 000,000,481 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/10/01 13:30:47 | 000,015,712 | ---- | C] () -- C:\WINDOWS\System32\OvMidi16.dll
[2002/06/14 09:19:02 | 000,000,180 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI

========== LOP Check ==========

[2008/03/22 18:14:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2005/08/16 12:10:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/09/18 21:43:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2005/10/17 21:41:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2010/06/25 19:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/01/23 22:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/07/12 14:33:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Alien Skin
[2009/09/19 10:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Blitware
[2009/11/26 22:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Free Mp3 Wma Ogg Converter
[2006/09/13 16:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Leadertech
[2007/01/25 22:38:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MSNInstaller
[2005/05/11 09:30:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2007/01/23 22:00:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Viewpoint

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2005/08/16 11:20:23 | 000,911,410 | ---- | M] () -- C:\00.bmp
[2005/05/11 09:24:40 | 000,000,349 | ---- | M] () -- C:\aresult.txt
[2005/03/23 11:13:17 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/12/27 19:05:11 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/08/13 22:01:56 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2005/07/26 21:56:52 | 000,000,103 | ---- | M] () -- C:\BootErr.log
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2005/03/23 11:13:17 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/09/19 11:13:25 | 000,003,744 | ---- | M] () -- C:\CTSUFile.txt
[2010/01/15 17:42:54 | 000,016,257 | ---- | M] () -- C:\EyeCandyLog.txt
[2010/09/22 17:53:57 | 518,836,224 | -HS- | M] () -- C:\hiberfil.sys
[2005/03/23 11:13:17 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005/05/11 09:21:05 | 000,000,857 | -H-- | M] () -- C:\IPH.PH
[2005/03/23 11:13:17 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 12:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/09/03 21:24:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/09/22 17:53:55 | 780,140,544 | -HS- | M] () -- C:\pagefile.sys
[2005/05/11 09:48:43 | 000,000,256 | ---- | M] () -- C:\SmartInstaller.log
[2006/12/10 11:57:37 | 001,568,744 | ---- | M] (Hewlett-Packard Company ) -- C:\SP23104.exe
[2005/08/03 10:44:25 | 000,046,024 | ---- | M] () -- C:\Toolbar5.iae
[2006/12/10 15:04:48 | 000,942,712 | ---- | M] (InstallShield Software Corporation) -- C:\vdg429en.exe

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2002/02/11 21:00:00 | 000,013,824 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD45.DLL
[2002/02/11 21:00:00 | 000,043,008 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP45.DLL
[2008/07/06 05:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

< %systemroot%\*. /mp /s >


< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2005/03/23 03:02:03 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/03/23 03:02:03 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/03/23 03:02:03 | 000,851,968 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\user32.dll /md5 >
[2008/04/13 17:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/04/13 17:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\ws2help.dll /md5 >
[2008/04/13 17:12:10 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=9789E95E1D88EEB4B922BF3EA7779C28 -- C:\WINDOWS\system32\ws2help.dll
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE
< End of report >

 

Here is the Extras Log Part 1:

OTL Extras logfile created on: 9/23/2010 9:28:34 PM - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

495.00 Mb Total Physical Memory | 247.00 Mb Available Physical Memory | 50.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 65.00% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 89.86 Gb Total Space | 56.97 Gb Free Space | 63.40% Space Free | Partition Type: NTFS
Drive D: | 3.30 Gb Total Space | 1.18 Gb Free Space | 35.78% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: IDLERACER
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1 "
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNetisabledxpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNetisabledxpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Macromedia\Fireworks MX\Fireworks.exe" = C:\Program Files\Macromedia\Fireworks MX\Fireworks.exe:*isabled:Fireworks MX -- (Macromedia Inc.)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*isabled:RealPlayer -- (RealNetworks, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite eMachines
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2E1A6A90-62A6-4862-9962-81DBFD001033}" = Nero 7 Essentials
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3FCAADB8-EB1B-11D6-AB2D-0090271A23A2}" = Sound Blaster Live!
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4E10E7FC-36CD-4C22-AC20-9E15692E8C2F}" = Virtual Sound Canvas DXi
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5B39603F-2A77-40E6-950D-ED7B8307933D}" = Microsoft IntelliPoint 5.3
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{930B2432-43D4-11D5-9871-00C04F8EEB39}" = Macromedia Fireworks MX
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{AC76BA86-7AD7-5464-3428-7050000000A7}" = Adobe Reader 7.0.5 Language Support
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"AoA Audio Extractor_is1" = AoA Audio Extractor 1.0
"AOL YGP Screensaver" = AOL You've Got Pictures Screensaver
"avast!" = avast! Antivirus
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.2
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1" = SoftV92 Data Fax Modem with SmartCP
"DreamStation DXi2" = DreamStation DXi2
"ewidoantimalware" = ewido anti-malware
"HijackThis" = HijackThis 1.99.1
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Music Creator 2" = Music Creator 2
"Nero BurnRights!UninstallKey" = Nero BurnRights
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"RealPlayer 6.0" = RealPlayer
"Registry Mechanic_is1" = Registry Mechanic 5.1
"Score Writer 2.1" = Score Writer 2.1
"sfArk" = sfArk
"Sound Blaster Live!" = Sound Blaster Live!
"Verizon Online Help and Support" = Verizon Online Help and Support
"VideoEgg" = VideoEgg Publisher
"ViewpointMediaPlayer" = Viewpoint Media Player
"WAV to MP3 Encoder" = WAV to MP3 Encoder
"WavePad" = WavePad Uninstall
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ymb" = Yahoo! Mail Quick Select Tool (PhotoMail)

 

Here is the Extras Log Part #2

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 2/10/2010 2:37:16 PM | Computer Name = IDLERACER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Owner\Local Settings\Temp\scoped_dir8072\TEMP_INSTALL\i\agxjaHJvbWV0aGVtZXNyDAsSBEZpbGUYk6wBDA
failed, 00000005.

Error - 2/10/2010 2:37:16 PM | Computer Name = IDLERACER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Owner\Local Settings\Temp\scoped_dir8072\TEMP_INSTALL\i\agxjaHJvbWV0aGVtZXNyDAsSBEZpbGUYzZwBDA
failed, 00000005.

Error - 2/10/2010 2:37:16 PM | Computer Name = IDLERACER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Owner\Local Settings\Temp\scoped_dir8072\DECODED_IMAGES
failed, 00000005.

Error - 2/10/2010 2:38:02 PM | Computer Name = IDLERACER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Owner\Local Settings\Temp\scoped_dir8226\TEMP_INSTALL\manifest.json
failed, 00000005.

Error - 2/10/2010 2:38:02 PM | Computer Name = IDLERACER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Owner\Local Settings\Temp\scoped_dir8226\TEMP_INSTALL\i\agxjaHJvbWV0aGVtZXNyDAsSBEZpbGUY08MBDA
failed, 00000005.

Error - 2/10/2010 2:38:02 PM | Computer Name = IDLERACER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Owner\Local Settings\Temp\scoped_dir8226\TEMP_INSTALL\i\agxjaHJvbWV0aGVtZXNyDAsSBEZpbGUYgawBDA
failed, 00000005.

Error - 2/10/2010 2:38:02 PM | Computer Name = IDLERACER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Owner\Local Settings\Temp\scoped_dir8226\TEMP_INSTALL\i\agxjaHJvbWV0aGVtZXNyDAsSBEZpbGUYgqwBDA
failed, 00000005.

Error - 2/10/2010 2:38:02 PM | Computer Name = IDLERACER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Owner\Local Settings\Temp\scoped_dir8226\TEMP_INSTALL\i\agxjaHJvbWV0aGVtZXNyDAsSBEZpbGUYt5wBDA
failed, 00000005.

Error - 2/10/2010 2:38:02 PM | Computer Name = IDLERACER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Owner\Local Settings\Temp\scoped_dir8226\TEMP_INSTALL\i\agxjaHJvbWV0aGVtZXNyDAsSBEZpbGUYtpwBDA
failed, 00000005.

Error - 2/10/2010 2:38:02 PM | Computer Name = IDLERACER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Owner\Local Settings\Temp\scoped_dir8226\DECODED_IMAGES
failed, 00000005.

[ Application Events ]
Error - 9/23/2010 12:01:52 PM | Computer Name = IDLERACER | Source = Application Error | ID = 1001
Description = Fault bucket 1228509876.

Error - 9/23/2010 4:02:08 PM | Computer Name = IDLERACER | Source = Google Update | ID = 20
Description =

Error - 9/23/2010 4:37:11 PM | Computer Name = IDLERACER | Source = Google Update | ID = 20
Description =

Error - 9/23/2010 5:02:10 PM | Computer Name = IDLERACER | Source = Google Update | ID = 20
Description =

Error - 9/23/2010 5:37:13 PM | Computer Name = IDLERACER | Source = Google Update | ID = 20
Description =

Error - 9/23/2010 6:02:13 PM | Computer Name = IDLERACER | Source = Google Update | ID = 20
Description =

Error - 9/23/2010 6:37:14 PM | Computer Name = IDLERACER | Source = Google Update | ID = 20
Description =

Error - 9/23/2010 7:02:07 PM | Computer Name = IDLERACER | Source = Google Update | ID = 20
Description =

Error - 9/23/2010 7:37:05 PM | Computer Name = IDLERACER | Source = Google Update | ID = 20
Description =

Error - 9/23/2010 8:02:05 PM | Computer Name = IDLERACER | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 9/7/2010 8:50:13 PM | Computer Name = IDLERACER | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053

Error - 9/7/2010 8:50:29 PM | Computer Name = IDLERACER | Source = Service Control Manager | ID = 7034
Description = The avast! Web Scanner service terminated unexpectedly. It has done
this 1 time(s).

Error - 9/13/2010 6:31:02 PM | Computer Name = IDLERACER | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126

Error - 9/15/2010 9:03:35 PM | Computer Name = IDLERACER | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126

Error - 9/20/2010 4:08:24 PM | Computer Name = IDLERACER | Source = WPDMTPDriver | ID = 80836
Description = MTP WPD Driver has failed to start. Error 0x8007001f.

Error - 9/21/2010 9:57:54 PM | Computer Name = IDLERACER | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126

Error - 9/21/2010 10:35:52 PM | Computer Name = IDLERACER | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 9/21/2010 10:35:52 PM | Computer Name = IDLERACER | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 9/22/2010 7:13:23 PM | Computer Name = IDLERACER | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126

Error - 9/22/2010 8:54:20 PM | Computer Name = IDLERACER | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126


< End of report >

 

Here is the result, and I will now do those other two things:

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{2AA0FE3E-BB7C-7DE4-3FD1-D24B5ACFB827} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2AA0FE3E-BB7C-7DE4-3FD1-D24B5ACFB827}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2AA0FE3E-BB7C-7DE4-3FD1-D24B5ACFB827}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2AA0FE3E-BB7C-7DE4-3FD1-D24B5ACFB827}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{52CE8742-BCE2-8A43-5E70-10C016F66C01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52CE8742-BCE2-8A43-5E70-10C016F66C01}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UpdReg deleted successfully.
C:\WINDOWS\Updreg.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\OLD1AE.tmp deleted successfully.
C:\WINDOWS\System32\SET408.tmp deleted successfully.
C:\WINDOWS\System32\SET433.tmp deleted successfully.
C:\WINDOWS\System32\setb0.tmp deleted successfully.
C:\WINDOWS\002780_.tmp deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\WINDOWS\nct3F.tmp deleted successfully.
C:\WINDOWS\nct42.tmp deleted successfully.
C:\WINDOWS\nct43.tmp deleted successfully.
C:\WINDOWS\nct45.tmp deleted successfully.
C:\WINDOWS\nct46.tmp deleted successfully.
C:\WINDOWS\nct48.tmp deleted successfully.
C:\WINDOWS\nct49.tmp deleted successfully.
C:\WINDOWS\nct4B.tmp deleted successfully.
C:\WINDOWS\nct4E.tmp deleted successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9Plus folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\Welcome\BH00 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\Welcome folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\AxMetaStream_Win folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03 folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02 folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01 folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00 folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Viewpoint\Viewpoint Experience Technology\Resources folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Viewpoint\Viewpoint Experience Technology folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Viewpoint folder moved successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\WINDOWS\System32\stub1.ini moved successfully.
C:\WINDOWS\System32\stub10.ini moved successfully.
C:\WINDOWS\System32\stub11.ini moved successfully.
C:\WINDOWS\System32\stub12.ini moved successfully.
C:\WINDOWS\System32\stub13.ini moved successfully.
C:\WINDOWS\System32\stub14.ini moved successfully.
C:\WINDOWS\System32\stub15.ini moved successfully.
C:\WINDOWS\System32\stub16.ini moved successfully.
C:\WINDOWS\System32\stub17.ini moved successfully.
C:\WINDOWS\System32\stub18.ini moved successfully.
C:\WINDOWS\System32\stub19.ini moved successfully.
C:\WINDOWS\System32\stub2.ini moved successfully.
C:\WINDOWS\System32\stub20.ini moved successfully.
C:\WINDOWS\System32\stub21.ini moved successfully.
C:\WINDOWS\System32\stub22.ini moved successfully.
C:\WINDOWS\System32\stub23.ini moved successfully.
C:\WINDOWS\System32\stub24.ini moved successfully.
C:\WINDOWS\System32\stub25.ini moved successfully.
C:\WINDOWS\System32\stub26.ini moved successfully.
C:\WINDOWS\System32\stub27.ini moved successfully.
C:\WINDOWS\System32\stub28.ini moved successfully.
C:\WINDOWS\System32\stub29.ini moved successfully.
C:\WINDOWS\System32\stub3.ini moved successfully.
C:\WINDOWS\System32\stub30.ini moved successfully.
C:\WINDOWS\System32\stub31.ini moved successfully.
C:\WINDOWS\System32\stub32.ini moved successfully.
C:\WINDOWS\System32\stub33.ini moved successfully.
C:\WINDOWS\System32\stub34.ini moved successfully.
C:\WINDOWS\System32\stub35.ini moved successfully.
C:\WINDOWS\System32\stub36.ini moved successfully.
C:\WINDOWS\System32\stub37.ini moved successfully.
C:\WINDOWS\System32\stub38.ini moved successfully.
C:\WINDOWS\System32\stub39.ini moved successfully.
C:\WINDOWS\System32\stub4.ini moved successfully.
C:\WINDOWS\System32\stub40.ini moved successfully.
C:\WINDOWS\System32\stub41.ini moved successfully.
C:\WINDOWS\System32\stub42.ini moved successfully.
C:\WINDOWS\System32\stub43.ini moved successfully.
C:\WINDOWS\System32\stub44.ini moved successfully.
C:\WINDOWS\System32\stub45.ini moved successfully.
C:\WINDOWS\System32\stub46.ini moved successfully.
C:\WINDOWS\System32\stub47.ini moved successfully.
C:\WINDOWS\System32\stub48.ini moved successfully.
C:\WINDOWS\System32\stub49.ini moved successfully.
C:\WINDOWS\System32\stub5.ini moved successfully.
C:\WINDOWS\System32\stub50.ini moved successfully.
C:\WINDOWS\System32\stub51.ini moved successfully.
C:\WINDOWS\System32\stub52.ini moved successfully.
C:\WINDOWS\System32\stub53.ini moved successfully.
C:\WINDOWS\System32\stub54.ini moved successfully.
C:\WINDOWS\System32\stub55.ini moved successfully.
C:\WINDOWS\System32\stub56.ini moved successfully.
C:\WINDOWS\System32\stub57.ini moved successfully.
C:\WINDOWS\System32\stub58.ini moved successfully.
C:\WINDOWS\System32\stub59.ini moved successfully.
C:\WINDOWS\System32\stub6.ini moved successfully.
C:\WINDOWS\System32\stub60.ini moved successfully.
C:\WINDOWS\System32\stub61.ini moved successfully.
C:\WINDOWS\System32\stub62.ini moved successfully.
C:\WINDOWS\System32\stub63.ini moved successfully.
C:\WINDOWS\System32\stub64.ini moved successfully.
C:\WINDOWS\System32\stub65.ini moved successfully.
C:\WINDOWS\System32\stub66.ini moved successfully.
C:\WINDOWS\System32\stub67.ini moved successfully.
C:\WINDOWS\System32\stub68.ini moved successfully.
C:\WINDOWS\System32\stub7.ini moved successfully.
C:\WINDOWS\System32\stub8.ini moved successfully.
C:\WINDOWS\System32\stub9.ini moved successfully.
C:\WINDOWS\stub10.ini moved successfully.
C:\WINDOWS\stub11.ini moved successfully.
C:\WINDOWS\stub12.ini moved successfully.
C:\WINDOWS\stub13.ini moved successfully.
C:\WINDOWS\stub14.ini moved successfully.
C:\WINDOWS\stub15.ini moved successfully.
C:\WINDOWS\stub16.ini moved successfully.
C:\WINDOWS\stub17.ini moved successfully.
C:\WINDOWS\stub18.ini moved successfully.
C:\WINDOWS\stub19.ini moved successfully.
C:\WINDOWS\stub2.ini moved successfully.
C:\WINDOWS\stub20.ini moved successfully.
C:\WINDOWS\stub21.ini moved successfully.
C:\WINDOWS\stub22.ini moved successfully.
C:\WINDOWS\stub23.ini moved successfully.
C:\WINDOWS\stub24.ini moved successfully.
C:\WINDOWS\stub25.ini moved successfully.
C:\WINDOWS\stub26.ini moved successfully.
C:\WINDOWS\stub27.ini moved successfully.
C:\WINDOWS\stub28.ini moved successfully.
C:\WINDOWS\stub29.ini moved successfully.
C:\WINDOWS\stub3.ini moved successfully.
C:\WINDOWS\stub30.ini moved successfully.
C:\WINDOWS\stub31.ini moved successfully.
C:\WINDOWS\stub32.ini moved successfully.
C:\WINDOWS\stub33.ini moved successfully.
C:\WINDOWS\stub34.ini moved successfully.
C:\WINDOWS\stub35.ini moved successfully.
C:\WINDOWS\stub36.ini moved successfully.
C:\WINDOWS\stub37.ini moved successfully.
C:\WINDOWS\stub38.ini moved successfully.
C:\WINDOWS\stub39.ini moved successfully.
C:\WINDOWS\stub4.ini moved successfully.
C:\WINDOWS\stub40.ini moved successfully.
C:\WINDOWS\stub41.ini moved successfully.
C:\WINDOWS\stub42.ini moved successfully.
C:\WINDOWS\stub43.ini moved successfully.
C:\WINDOWS\stub44.ini moved successfully.
C:\WINDOWS\stub45.ini moved successfully.
C:\WINDOWS\stub46.ini moved successfully.
C:\WINDOWS\stub47.ini moved successfully.
C:\WINDOWS\stub48.ini moved successfully.
C:\WINDOWS\stub49.ini moved successfully.
C:\WINDOWS\stub5.ini moved successfully.
C:\WINDOWS\stub50.ini moved successfully.
C:\WINDOWS\stub51.ini moved successfully.
C:\WINDOWS\stub52.ini moved successfully.
C:\WINDOWS\stub53.ini moved successfully.
C:\WINDOWS\stub54.ini moved successfully.
C:\WINDOWS\stub55.ini moved successfully.
C:\WINDOWS\stub56.ini moved successfully.
C:\WINDOWS\stub57.ini moved successfully.
C:\WINDOWS\stub58.ini moved successfully.
C:\WINDOWS\stub59.ini moved successfully.
C:\WINDOWS\stub6.ini moved successfully.
C:\WINDOWS\stub60.ini moved successfully.
C:\WINDOWS\stub61.ini moved successfully.
C:\WINDOWS\stub62.ini moved successfully.
C:\WINDOWS\stub63.ini moved successfully.
C:\WINDOWS\stub64.ini moved successfully.
C:\WINDOWS\stub65.ini moved successfully.
C:\WINDOWS\stub66.ini moved successfully.
C:\WINDOWS\stub67.ini moved successfully.
C:\WINDOWS\stub68.ini moved successfully.
C:\WINDOWS\stub69.ini moved successfully.
C:\WINDOWS\stub7.ini moved successfully.
C:\WINDOWS\stub70.ini moved successfully.
C:\WINDOWS\stub71.ini moved successfully.
C:\WINDOWS\stub72.ini moved successfully.
C:\WINDOWS\stub73.ini moved successfully.
C:\WINDOWS\stub74.ini moved successfully.
C:\WINDOWS\stub75.ini moved successfully.
C:\WINDOWS\stub76.ini moved successfully.
C:\WINDOWS\stub77.ini moved successfully.
C:\WINDOWS\stub78.ini moved successfully.
C:\WINDOWS\stub79.ini moved successfully.
C:\WINDOWS\stub8.ini moved successfully.
C:\WINDOWS\stub80.ini moved successfully.
C:\WINDOWS\stub81.ini moved successfully.
C:\WINDOWS\stub82.ini moved successfully.
C:\WINDOWS\stub83.ini moved successfully.
C:\WINDOWS\stub84.ini moved successfully.
C:\WINDOWS\stub85.ini moved successfully.
C:\WINDOWS\stub86.ini moved successfully.
C:\WINDOWS\stub87.ini moved successfully.
C:\WINDOWS\stub88.ini moved successfully.
C:\WINDOWS\stub89.ini moved successfully.
C:\WINDOWS\stub9.ini moved successfully.
C:\WINDOWS\stub90.ini moved successfully.
C:\WINDOWS\stub91.ini moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49286 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 112094 bytes
->Flash cache emptied: 649 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 570037 bytes

User: Owner
->Temp folder emptied: 15041882 bytes
->Temporary Internet Files folder emptied: 37676075 bytes
->Java cache emptied: 150519326 bytes
->FireFox cache emptied: 29711064 bytes
->Google Chrome cache emptied: 134200578 bytes
->Flash cache emptied: 487 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 152404 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 351.00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService

User: Owner
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.14.1 log created on 09232010_220349

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_67c.dat moved successfully.

Registry entries deleted on Reboot...

 

Here is the Security Check result:

Results of screen317's Security Check version 0.99.5
Windows XP Service Pack 3
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
avast! Antivirus
avast! successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:
Out of date HijackThis installed!
Malwarebytes' Anti-Malware
HijackThis 1.99.1
Java(TM) 6 Update 21
Java(TM) SE Runtime Environment 6 Update 1
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Out of date Java installed!
Adobe Flash Player
Adobe Reader 7.1.0
Adobe Reader 7.0.5 Language Support
Out of date Adobe Reader installed!
Mozilla Firefox (3.5.3) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Alwil Software Avast4 aswUpdSv.exe
Alwil Software Avast4 ashServ.exe
Alwil Software Avast4 ashDisp.exe
Alwil Software Avast4 ashMaiSv.exe
Alwil Software Avast4 ashWebSv.exe
ewido anti-malware ewidoctrl.exe
````````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

 

I haven't done the "Please run a free online scan with the ESET Online Scanner" thing yet. Should I do that first, or all this other stuff first?

 

JavaRa was in the middle of doing it's thing when one of those "JavaRa has just encountered an error and will have to shut down" things popped up. Shall I click on it again and see if it'll finish doing what it's supposed to?

 

Never mind, I just did and it worked. Here's the log file:

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Thu Sep 23 22:43:13 2010

Found and removed: C:\Program Files\Java\jre1.5.0_04

Found and removed: C:\Program Files\Java\jre1.5.0_06

Found and removed: C:\Program Files\Java\jre1.5.0_08

Found and removed: C:\Program Files\Java\jre1.5.0_09

Found and removed: C:\Program Files\Java\jre1.5.0_10

Found and removed: C:\Program Files\Java\jre1.5.0_11

Found and removed: C:\Program Files\Java\jre1.6.0_01

Found and removed: C:\Program Files\Java\jre1.6.0_02

Found and removed: C:\Program Files\Java\jre1.6.0_03

Found and removed: C:\Program Files\Java\jre1.6.0_05

Found and removed: C:\Program Files\Java\jre1.6.0_07

Found and removed: C:\Documents and Settings\Owner\Application Data\Sun\Java\jre1.6.0_11

Found and removed: C:\Documents and Settings\Owner\Application Data\Sun\Java\jre1.6.0_12

Found and removed: C:\Documents and Settings\Owner\Application Data\Sun\Java\jre1.6.0_13

Found and removed: C:\Documents and Settings\Owner\Application Data\Sun\Java\jre1.6.0_14

Found and removed: C:\Documents and Settings\Owner\Application Data\Sun\Java\jre1.6.0_15

Found and removed: C:\Documents and Settings\Owner\Application Data\Sun\Java\jre1.6.0_17

Found and removed: C:\Documents and Settings\Owner\Application Data\Sun\Java\jre1.6.0_18

Found and removed: C:\Documents and Settings\Owner\Application Data\Sun\Java\jre1.6.0_20

Found and removed: Software\JavaSoft\Java2D\1.5.0_04

Found and removed: Software\JavaSoft\Java2D\1.5.0_06

Found and removed: Software\JavaSoft\Java2D\1.5.0_08

Found and removed: Software\JavaSoft\Java2D\1.5.0_09

Found and removed: Software\JavaSoft\Java2D\1.5.0_10

Found and removed: Software\JavaSoft\Java2D\1.5.0_11

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510004

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510008

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510009

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D511000

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D511001

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510004

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510008

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510009

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D511000

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D511001

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510004

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510008

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510009

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D511000

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D511001

Found and removed: SOFTWARE\Classes\JavaPlugin.150_04

Found and removed: SOFTWARE\Classes\JavaPlugin.150_06

Found and removed: SOFTWARE\Classes\JavaPlugin.150_08

Found and removed: SOFTWARE\Classes\JavaPlugin.150_09

Found and removed: SOFTWARE\Classes\JavaPlugin.150_10

Found and removed: SOFTWARE\Classes\JavaPlugin.150_11

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_04

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_06

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_08

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_09

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_10

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_11

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_04

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_06

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_08

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_09

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_10

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_11

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510004

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510006

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510008

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510009

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D511000

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D511001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510004

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510008

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510009

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D511000

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D511001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150040}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150060}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150080}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150090}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150100}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150110}

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610007

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610007

Found and removed: SOFTWARE\Classes\JavaPlugin.160_01

Found and removed: SOFTWARE\Classes\JavaPlugin.160_02

Found and removed: SOFTWARE\Classes\JavaPlugin.160_03

Found and removed: SOFTWARE\Classes\JavaPlugin.160_05

Found and removed: SOFTWARE\Classes\JavaPlugin.160_07

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_01

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_02

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_03

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_05

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_07

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_01

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_02

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_03

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_05

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_07

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610007

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610002

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610005

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610007

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610007

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160020}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160050}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160070}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_06

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_08

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_09

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_10

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_11

Found and removed: Software\Classes\JavaPlugin.160_01

Found and removed: Software\Classes\JavaPlugin.160_02

Found and removed: Software\Classes\JavaPlugin.160_03

Found and removed: Software\Classes\JavaPlugin.160_05

Found and removed: Software\Classes\JavaPlugin.160_07

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_04\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_06\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_08\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_09\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_10\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_11\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\bin\

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_01

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_05

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_07

Found and removed: Software\JavaSoft\Java2D\1.6.0_01

Found and removed: Software\JavaSoft\Java2D\1.6.0_02

Found and removed: Software\JavaSoft\Java2D\1.6.0_03

Found and removed: Software\JavaSoft\Java2D\1.6.0_05

Found and removed: Software\JavaSoft\Java2D\1.6.0_07

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_01

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_02

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_03

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_05

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_07

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610005

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_01.b06\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_03.b05\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_05.b13\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\core1.zip

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\core2.zip

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\core3.zip

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Thu Sep 23 23:05:20 2010

------------------------------------

Finished reporting.