Solved Internet Access Only In Safe Mode

[Resolved] Internet Access Only In Safe Mode

Hello All,

I am attempting to fix a problem with my Mother In Law's HP Computer. It is running windows XP SP3. The computer was running fine until about a week ago. The problem began when anyone attempted to use ANY web browser. It would automatically redirect you to the AG Anti-Virus Website. If you clicked on the control panel, it would open for a split second, then close. I have tried using AVG Anti-Virus, Norton PFE, Kaspersky Internet Tools 2010, Spybot S&D and Malwarebytes to correct this problem. I have even tried WinsockXPFix. Each one has detected a virus the others have not been able to find, but has not fully resolved the problem.

However, none have fixed the problem with connection to the internet. If I press F8 and enter the Safe Mode, I am allowed to access the internet. However, if I allow the computer to start as it normally would, access to the internet is blocked.

Please let me know your thoughts regarding this matter.

Kurt.

 

Missing Files

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 9/26/2007 12:27:14 PM
System Uptime: 7/5/2010 6:54:17 AM (0 hours ago)

Motherboard: ASUSTeK Computer INC. | | 'P4SD-LA'
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | CPU 1 | 2800/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 134.855 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

32 Bit HP CIO Components Installer
3D Home Architect(r) Deluxe 3.0
Acrobat.com
ActiveSpeed
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.3.2
AIO_Scan
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Bing Bar
Bing Bar Platform
Bonjour
BufferChm
C7200
C7200_Help
Copy
Coupon Printer for Windows
Critical Update for Windows Media Player 11 (KB959772)
CustomerResearchQFolder
Destination Component
DeviceDiscovery
DeviceManagementQFolder
Driver Detective
eSupportQFolder
Fax
Google Toolbar for Internet Explorer
GPBaseService
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 10.0
HP Imaging Device Functions 10.0
HP Photosmart All-In-One Driver Software 10.0 Rel .2
HP Smart Web Printing
HP Solution Center 10.0
HP Update
HPProductAssistant
iTunes
Java(TM) 6 Update 11
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Kaspersky Internet Security 2010
Malwarebytes' Anti-Malware
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Default Manager
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Premium
Microsoft Office Web Components
Microsoft Office XP Media Content
Microsoft Office XP Small Business
Microsoft Office XP Web Components
Microsoft Search Enhancement Pack
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.6.6)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
MSXML 6.0 Parser (KB933579)
NVIDIA Drivers
OpenOffice.org Installer 1.0
PanoStandAlone
PS_AIO_02_ProductContext
PS_AIO_02_Software
PS_AIO_02_Software_Min
QuickTime
Scan
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
SkyCaddie Desktop
SmartWebPrintingOC
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
Status
TaxACT 2009
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB969497)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
WeatherBug
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live ID Sign-in Assistant
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell(TM) 1.0
Windows Presentation Foundation
Windows XP Service Pack 3
Wolfenstein(TM) 1.1 Patch
XML Paper Specification Shared Components Pack 1.0
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

7/4/2010 5:49:03 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service SeaPort with arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
7/3/2010 7:30:14 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load:
7/3/2010 5:20:34 PM, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 2 time(s).
7/3/2010 5:20:08 PM, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).
7/3/2010 5:19:04 PM, error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/3/2010 4:40:43 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments " " in order to run the server: {000C101C-0000-0000-C000-000000000046}
7/3/2010 2:45:55 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm kl1 KLIF
7/3/2010 2:25:14 PM, error: Dhcp [1002] - The IP address lease 173.29.91.8 for the Network Card with network address 000C6E517557 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
7/3/2010 12:53:02 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AvgLdx86 AvgMfx86 AvgTdiX Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SymSMR120 Tcpip WS2IFSL
7/3/2010 1:23:15 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service BITS with arguments " " in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
7/3/2010 1:20:23 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm
7/3/2010 1:17:44 PM, error: PlugPlayManager [11] - The device Root\LEGACY_SYMSMR120\0000 disappeared from the system without first being prepared for removal.
7/1/2010 8:52:29 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
7/1/2010 7:44:06 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments " " in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
7/1/2010 7:42:37 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm kl1 klif
7/1/2010 7:39:19 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec kl1 klif MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip WS2IFSL
7/1/2010 7:23:09 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments " " in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
7/1/2010 7:23:05 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip WS2IFSL
7/1/2010 7:23:05 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
7/1/2010 7:23:05 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/1/2010 7:23:05 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/1/2010 7:23:05 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
7/1/2010 7:23:05 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/1/2010 7:23:05 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/1/2010 7:22:11 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments " " in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
7/1/2010 7:22:08 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
62081451 Fips intelppm kl1 KLIF setup_9.0.0.722_03.07.2010_23-47drv
62081451 Fips intelppm kl1 KLIF setup_9.0.0.722_03.07.2010_23-47drv
62081451 AFD Fips intelppm IPSec kl1 KLIF MRxSmb NetBIOS NetBT RasAcd Rdbss setup_9.0.0.722_03.07.2010_23-47drv Tcpip WS2IFSL
6/28/2010 6:56:19 AM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
6/28/2010 6:54:57 AM, error: Service Control Manager [7000] - The Print Port Scanner Driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
6/28/2010 6:20:03 PM, error: PSched [14103] - QoS [Adapter {08616AF8-7501-4CB1-A5D6-5B69BEA1A17E}]: The netcard driver failed the query for OID_GEN_LINK_SPEED.
29411622 PCIIde
29411622 Fips intelppm kl1 KLIF
29411622 Fips intelppm kl1 KLIF
29411622
29411622
29411622
29411622
29411622
29411621
29411621
29411621
29411621
29411621

==== End Of File ===========================

 

DDS Pt 1

DDS (Ver_10-03-17.01) - NTFSx86 NETWORK
Run by Administrator at 6:57:14.12 on Mon 07/05/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.752 [GMT -5:00]

AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

mStart Page = about:blank
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Ask Search Assistant BHO: {0579b4b1-0293-4d73-b02d-5ebb0ba0f0a2} - c:\program files\asksbar\srchastt\1.bin\A2SRCHAS.DLL
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2010\ievkbd.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\5.0.1355.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {8EAB99C9-F9EC-4b64-A4BA-D9BCAE8779C2} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: @c:\program files\msn toolbar\platform\5.0.1355.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\5.0.1355.0\npwinext.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRunOnce: [SpybotDeletingB3882] command.com /c del "c:\documents and settings\owner\application data\regclean\log\2008 Jul 27 - 08_48_52 AM_125.log "
uRunOnce: [SpybotDeletingD547] cmd.exe /c del "c:\documents and settings\owner\application data\regclean\log\2008 Jul 27 - 08_48_52 AM_125.log "
uRunOnce: [SpybotDeletingB6270] command.com /c del "c:\program files\asksbar\bar\1.bin\A2HIGHIN.EXE "
uRunOnce: [SpybotDeletingD3614] cmd.exe /c del "c:\program files\asksbar\bar\1.bin\A2HIGHIN.EXE "
uRunOnce: [SpybotDeletingB2146] command.com /c del "c:\program files\asksbar\bar\1.bin\A2FFXTBR.MANIFEST "
uRunOnce: [SpybotDeletingD4787] cmd.exe /c del "c:\program files\asksbar\bar\1.bin\A2FFXTBR.MANIFEST "
uRunOnce: [SpybotDeletingB4392] command.com /c del "c:\program files\asksbar\bar\1.bin\A2NTSTBR.MANIFEST "
uRunOnce: [SpybotDeletingD7689] cmd.exe /c del "c:\program files\asksbar\bar\1.bin\A2NTSTBR.MANIFEST "
uRunOnce: [SpybotDeletingB3933] command.com /c del "c:\program files\asksbar\bar\1.bin\A2PLUGIN.DLL "
uRunOnce: [SpybotDeletingD4012] cmd.exe /c del "c:\program files\asksbar\bar\1.bin\A2PLUGIN.DLL "
uRunOnce: [SpybotDeletingB5392] command.com /c del "c:\program files\asksbar\bar\1.bin\NPASKSBR.DLL "
uRunOnce: [SpybotDeletingD122] cmd.exe /c del "c:\program files\asksbar\bar\1.bin\NPASKSBR.DLL "
uRunOnce: [SpybotDeletingB9047] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0000AFD7.bin "
uRunOnce: [SpybotDeletingD5598] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0000AFD7.bin "
uRunOnce: [SpybotDeletingB2275] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0000B1CB.bin "
uRunOnce: [SpybotDeletingD3936] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0000B1CB.bin "
uRunOnce: [SpybotDeletingB5148] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0000B5A4.bin "
uRunOnce: [SpybotDeletingD4843] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0000B5A4.bin "
uRunOnce: [SpybotDeletingB8425] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0000BFC5.bin "
uRunOnce: [SpybotDeletingD6816] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0000BFC5.bin "
uRunOnce: [SpybotDeletingB8401] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0000C6AB.bin "
uRunOnce: [SpybotDeletingD8187] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0000C6AB.bin "
uRunOnce: [SpybotDeletingB6349] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0000DB1D.bin "
uRunOnce: [SpybotDeletingD446] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0000DB1D.bin "
uRunOnce: [SpybotDeletingB6401] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0000E157.bin "
uRunOnce: [SpybotDeletingD8837] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0000E157.bin "
uRunOnce: [SpybotDeletingB2272] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00013478.bin "
uRunOnce: [SpybotDeletingD9123] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00013478.bin "
uRunOnce: [SpybotDeletingB3477] command.com /c del "c:\program files\mywebsearchwb\bar\cache\000158AA.bin "
uRunOnce: [SpybotDeletingD6500] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\000158AA.bin "
uRunOnce: [SpybotDeletingB1621] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0001D675.bin "
uRunOnce: [SpybotDeletingD5293] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0001D675.bin "
uRunOnce: [SpybotDeletingB9677] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0001E068.bin "
uRunOnce: [SpybotDeletingD8605] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0001E068.bin "
uRunOnce: [SpybotDeletingB19] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0002529A.bin "
uRunOnce: [SpybotDeletingD7201] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0002529A.bin "
uRunOnce: [SpybotDeletingB671] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0002CBB2.bin "
uRunOnce: [SpybotDeletingD7043] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0002CBB2.bin "
uRunOnce: [SpybotDeletingB7823] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00060A43.bin "
uRunOnce: [SpybotDeletingD7309] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00060A43.bin "
uRunOnce: [SpybotDeletingB6782] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0008530A.bin "
uRunOnce: [SpybotDeletingD3678] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0008530A.bin "
uRunOnce: [SpybotDeletingB1029] command.com /c del "c:\program files\mywebsearchwb\bar\cache\000A24BD "
uRunOnce: [SpybotDeletingD4851] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0130170B.bin "
uRunOnce: [SpybotDeletingB1369] command.com /c del "c:\program files\mywebsearchwb\bar\cache\000A29AF.bin "
uRunOnce: [SpybotDeletingD2686] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\000A29AF.bin "
uRunOnce: [SpybotDeletingB7022] command.com /c del "c:\program files\mywebsearchwb\bar\cache\000A2AF7.bin "
uRunOnce: [SpybotDeletingD5025] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\000A2AF7.bin "
uRunOnce: [SpybotDeletingB2962] command.com /c del "c:\program files\mywebsearchwb\bar\cache\000A2CCC.bin "
uRunOnce: [SpybotDeletingD2438] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\000A2CCC.bin "
uRunOnce: [SpybotDeletingB5118] command.com /c del "c:\program files\mywebsearchwb\bar\cache\000A3A0A.bin "
uRunOnce: [SpybotDeletingD253] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\000A3A0A.bin "
uRunOnce: [SpybotDeletingB5571] command.com /c del "c:\program files\mywebsearchwb\bar\cache\000A3AD5.bin "
uRunOnce: [SpybotDeletingD2345] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\000A3AD5.bin "
uRunOnce: [SpybotDeletingB6052] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00117A0F.bin "
uRunOnce: [SpybotDeletingD4888] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00117A0F.bin "
uRunOnce: [SpybotDeletingB2307] command.com /c del "c:\program files\mywebsearchwb\bar\cache\001C2448.bin "
uRunOnce: [SpybotDeletingD3752] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\001C2448.bin "
uRunOnce: [SpybotDeletingB8503] command.com /c del "c:\program files\mywebsearchwb\bar\cache\001C2477.bin "
uRunOnce: [SpybotDeletingD5661] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\001C2477.bin "
uRunOnce: [SpybotDeletingB3319] command.com /c del "c:\program files\mywebsearchwb\bar\cache\001C2542.bin "
uRunOnce: [SpybotDeletingD4782] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\001C2542.bin "
uRunOnce: [SpybotDeletingB3539] command.com /c del "c:\program files\mywebsearchwb\bar\cache\001C25EE.bin "
uRunOnce: [SpybotDeletingD7181] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\001C25EE.bin "
uRunOnce: [SpybotDeletingB7302] command.com /c del "c:\program files\mywebsearchwb\bar\cache\001C2775.bin "
uRunOnce: [SpybotDeletingD9207] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\001C2775.bin "
uRunOnce: [SpybotDeletingB9233] command.com /c del "c:\program files\mywebsearchwb\bar\cache\036FE2EA.bin "
uRunOnce: [SpybotDeletingD737] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\001C2E0C.bin "
uRunOnce: [SpybotDeletingB6758] command.com /c del "c:\program files\mywebsearchwb\bar\cache\001C4ABC.bin "
uRunOnce: [SpybotDeletingD9191] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\001C4ABC.bin "
uRunOnce: [SpybotDeletingB3146] command.com /c del "c:\program files\mywebsearchwb\bar\cache\001D4F0D.bin "
uRunOnce: [SpybotDeletingD3884] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\001D4F0D.bin "
uRunOnce: [SpybotDeletingB6326] command.com /c del "c:\program files\mywebsearchwb\bar\cache\001D4FF7.bin "
uRunOnce: [SpybotDeletingD5510] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\001D4FF7.bin "
uRunOnce: [SpybotDeletingB6900] command.com /c del "c:\program files\mywebsearchwb\bar\cache\002025AC.bin "
uRunOnce: [SpybotDeletingD2431] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\002025AC.bin "
uRunOnce: [SpybotDeletingB8016] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00202687.bin "
uRunOnce: [SpybotDeletingD8460] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00202687.bin "
uRunOnce: [SpybotDeletingB5979] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0020283D.bin "
uRunOnce: [SpybotDeletingD97] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0020283D.bin "
uRunOnce: [SpybotDeletingB3373] command.com /c del "c:\program files\mywebsearchwb\bar\cache\002108B9.bin "
uRunOnce: [SpybotDeletingD1629] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\002108B9.bin "
uRunOnce: [SpybotDeletingB4706] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0022CC91.bin "
uRunOnce: [SpybotDeletingD4996] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0022CC91.bin "
uRunOnce: [SpybotDeletingB3702] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0024DF16.bin "
uRunOnce: [SpybotDeletingD2621] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0024DF16.bin "
uRunOnce: [SpybotDeletingB6303] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00267239.bin "
uRunOnce: [SpybotDeletingD2737] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00267239.bin "
uRunOnce: [SpybotDeletingB9655] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0026741D.bin "
uRunOnce: [SpybotDeletingD7803] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0026741D.bin "
uRunOnce: [SpybotDeletingB3764] command.com /c del "c:\program files\mywebsearchwb\bar\cache\03B9AABB.bin "
uRunOnce: [SpybotDeletingD5873] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00267546.bin "
uRunOnce: [SpybotDeletingB9320] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0028E4CF.bin "
uRunOnce: [SpybotDeletingD94] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0028E4CF.bin "
uRunOnce: [SpybotDeletingB3021] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00379908.bin "
uRunOnce: [SpybotDeletingD6715] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00379908.bin "
uRunOnce: [SpybotDeletingB3506] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00379A50.bin "
uRunOnce: [SpybotDeletingD9091] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00379A50.bin "
uRunOnce: [SpybotDeletingB8733] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00379B2B.bin "
uRunOnce: [SpybotDeletingD6487] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00379B2B.bin "
uRunOnce: [SpybotDeletingB5287] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0037AB67.bin "
uRunOnce: [SpybotDeletingD7519] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0037AB67.bin "
uRunOnce: [SpybotDeletingB6186] command.com /c del "c:\program files\mywebsearchwb\bar\cache\003894EC.bin "
uRunOnce: [SpybotDeletingD1611] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\003894EC.bin "
uRunOnce: [SpybotDeletingB3316] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0038B209.bin "
uRunOnce: [SpybotDeletingD7086] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0038B209.bin "
uRunOnce: [SpybotDeletingB1678] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0038B342.bin "
uRunOnce: [SpybotDeletingD5062] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0038B342.bin "
uRunOnce: [SpybotDeletingB380] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0038B48A.bin "
uRunOnce: [SpybotDeletingD9420] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0038B48A.bin "
uRunOnce: [SpybotDeletingB6201] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0038B526.bin "
uRunOnce: [SpybotDeletingD6626] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0038B526.bin "
uRunOnce: [SpybotDeletingB7678] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0039DAAB.bin "
uRunOnce: [SpybotDeletingD9913] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0039DAAB.bin "
uRunOnce: [SpybotDeletingB7047] command.com /c del "c:\program files\mywebsearchwb\bar\cache\004C100B.bin "
uRunOnce: [SpybotDeletingD2337] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\004C100B.bin "
uRunOnce: [SpybotDeletingB4320] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0052CA17.bin "
uRunOnce: [SpybotDeletingD1742] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0052CA17.bin "
uRunOnce: [SpybotDeletingB7132] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00532B81.bin "
uRunOnce: [SpybotDeletingD6388] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00532B81.bin "
uRunOnce: [SpybotDeletingB2661] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00550B8B.bin "
uRunOnce: [SpybotDeletingD4237] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00550B8B.bin "
uRunOnce: [SpybotDeletingB4639] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00567DB9.bin "
uRunOnce: [SpybotDeletingD6963] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00567DB9.bin "
uRunOnce: [SpybotDeletingB9587] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0056802A.bin "
uRunOnce: [SpybotDeletingD4698] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0056802A.bin "
uRunOnce: [SpybotDeletingB976] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00568105.bin "
uRunOnce: [SpybotDeletingD7203] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00568105.bin "
uRunOnce: [SpybotDeletingB5377] command.com /c del "c:\program files\mywebsearchwb\bar\cache\005681A1.bin "
uRunOnce: [SpybotDeletingD4634] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\005681A1.bin "
uRunOnce: [SpybotDeletingB5248] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00610392.bin "
uRunOnce: [SpybotDeletingD706] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00610392.bin "
uRunOnce: [SpybotDeletingB6308] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00610595.bin "
uRunOnce: [SpybotDeletingD8383] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00610595.bin "
uRunOnce: [SpybotDeletingB7637] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00746A8D.bin "
uRunOnce: [SpybotDeletingD3236] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00746A8D.bin "
uRunOnce: [SpybotDeletingB5833] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00746B67.bin "
uRunOnce: [SpybotDeletingD1042] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\02169843.bin "
uRunOnce: [SpybotDeletingB7977] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0085267C "
uRunOnce: [SpybotDeletingD555] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0085267C "
uRunOnce: [SpybotDeletingB4293] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00992CA5.bin "
uRunOnce: [SpybotDeletingD351] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00992CA5.bin "
uRunOnce: [SpybotDeletingB5765] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00A0B9FF "
uRunOnce: [SpybotDeletingD4454] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00A0B9FF "
uRunOnce: [SpybotDeletingB1567] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00A59354.bin "
uRunOnce: [SpybotDeletingD2004] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00A59354.bin "
uRunOnce: [SpybotDeletingB3709] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00A59F98.bin "
uRunOnce: [SpybotDeletingD8457] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00A59F98.bin "
uRunOnce: [SpybotDeletingB1802] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00A5ABCD.bin "
uRunOnce: [SpybotDeletingD6174] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00A5ABCD.bin "
uRunOnce: [SpybotDeletingB3181] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00A5B851.bin "
uRunOnce: [SpybotDeletingD3900] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00A5B851.bin "
uRunOnce: [SpybotDeletingB5382] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00A5F8D4.bin "
uRunOnce: [SpybotDeletingD1311] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00A5F8D4.bin "
uRunOnce: [SpybotDeletingB4636] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00A60538.bin "
uRunOnce: [SpybotDeletingD7645] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00A60538.bin "
uRunOnce: [SpybotDeletingB472] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00AFC763.bin "
uRunOnce: [SpybotDeletingD843] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00AFC763.bin "
uRunOnce: [SpybotDeletingB8613] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00C1CCBB.bin "
uRunOnce: [SpybotDeletingD1361] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\00C1CCBB.bin "
uRunOnce: [SpybotDeletingB6189] command.com /c del "c:\program files\mywebsearchwb\bar\cache\00F999C4.bin "
uRunOnce: [SpybotDeletingD2825] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\016AE8E8.bin "
uRunOnce: [SpybotDeletingB7456] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0114B5C4.bin "
uRunOnce: [SpybotDeletingD6285] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0114B5C4.bin "
uRunOnce: [SpybotDeletingB4986] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0114B77A.bin "
uRunOnce: [SpybotDeletingD8641] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0114B77A.bin "
uRunOnce: [SpybotDeletingB4214] command.com /c del "c:\program files\mywebsearchwb\bar\cache\011505D8.bin "
uRunOnce: [SpybotDeletingD1973] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\011505D8.bin "
uRunOnce: [SpybotDeletingB2137] command.com /c del "c:\program files\mywebsearchwb\bar\cache\012ED544.bin "
uRunOnce: [SpybotDeletingD9463] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\012ED544.bin "
uRunOnce: [SpybotDeletingB9988] command.com /c del "c:\program files\mywebsearchwb\bar\cache\012ED719.bin "
uRunOnce: [SpybotDeletingD702] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\012ED719.bin "
uRunOnce: [SpybotDeletingB4265] command.com /c del "c:\program files\mywebsearchwb\bar\cache\012EE3BB.bin "
uRunOnce: [SpybotDeletingD5326] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\012EE3BB.bin "
uRunOnce: [SpybotDeletingB5498] command.com /c del "c:\program files\mywebsearchwb\bar\cache\012F08C8.bin "
uRunOnce: [SpybotDeletingD5834] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\012F08C8.bin "
uRunOnce: [SpybotDeletingB5875] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0130170B.bin "
uRunOnce: [SpybotDeletingB5657] command.com /c del "c:\program files\mywebsearchwb\bar\cache\01324361.bin "
uRunOnce: [SpybotDeletingD2915] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\01324361.bin "
uRunOnce: [SpybotDeletingB5053] command.com /c del "c:\program files\mywebsearchwb\bar\cache\013944F5.bin "
uRunOnce: [SpybotDeletingD2497] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\013944F5.bin "
uRunOnce: [SpybotDeletingB6778] command.com /c del "c:\program files\mywebsearchwb\bar\cache\013946CA.bin "
uRunOnce: [SpybotDeletingD3184] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\013946CA.bin "
uRunOnce: [SpybotDeletingB2064] command.com /c del "c:\program files\mywebsearchwb\bar\cache\01394776.bin "
uRunOnce: [SpybotDeletingD2483] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\01394776.bin "
uRunOnce: [SpybotDeletingB9947] command.com /c del "c:\program files\mywebsearchwb\bar\cache\014D0701.bin "
uRunOnce: [SpybotDeletingD6221] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\014D0701.bin "
uRunOnce: [SpybotDeletingB6115] command.com /c del "c:\program files\mywebsearchwb\bar\cache\014D0859.bin "
uRunOnce: [SpybotDeletingD5311] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\014D0859.bin "
uRunOnce: [SpybotDeletingB7318] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0158354F.bin "
uRunOnce: [SpybotDeletingD2620] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0158354F.bin "
uRunOnce: [SpybotDeletingB1188] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0160CF65.bin "
uRunOnce: [SpybotDeletingD2191] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0160CF65.bin "
uRunOnce: [SpybotDeletingB9745] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0165F68C.bin "
uRunOnce: [SpybotDeletingD8802] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0165F68C.bin "
uRunOnce: [SpybotDeletingB6236] command.com /c del "c:\program files\mywebsearchwb\bar\cache\016AE8E8.bin "
uRunOnce: [SpybotDeletingB6675] command.com /c del "c:\program files\mywebsearchwb\bar\cache\019CB89D.bin "
uRunOnce: [SpybotDeletingD3793] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\019CB89D.bin "
uRunOnce: [SpybotDeletingB6719] command.com /c del "c:\program files\mywebsearchwb\bar\cache\019CBA24.bin "
uRunOnce: [SpybotDeletingD1782] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\019CBA24.bin "
uRunOnce: [SpybotDeletingB8911] command.com /c del "c:\program files\mywebsearchwb\bar\cache\019CBB0E.bin "
uRunOnce: [SpybotDeletingD3565] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\019CBB0E.bin "
uRunOnce: [SpybotDeletingB8066] command.com /c del "c:\program files\mywebsearchwb\bar\cache\019CBC56.bin "
uRunOnce: [SpybotDeletingD9106] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\019CBC56.bin "
uRunOnce: [SpybotDeletingB8814] command.com /c del "c:\program files\mywebsearchwb\bar\cache\019CBD02.bin "
uRunOnce: [SpybotDeletingD8324] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\019CBD02.bin "
uRunOnce: [SpybotDeletingB712] command.com /c del "c:\program files\mywebsearchwb\bar\cache\019CBEA8.bin "
uRunOnce: [SpybotDeletingD6303] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\019CBEA8.bin "
uRunOnce: [SpybotDeletingB7034] command.com /c del "c:\program files\mywebsearchwb\bar\cache\019CC02F.bin "
uRunOnce: [SpybotDeletingD5096] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\019CC02F.bin "
uRunOnce: [SpybotDeletingB5368] command.com /c del "c:\program files\mywebsearchwb\bar\cache\019CC0CB.bin "
uRunOnce: [SpybotDeletingD20] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\019CC0CB.bin "
uRunOnce: [SpybotDeletingB1042] command.com /c del "c:\program files\mywebsearchwb\bar\cache\019CCD00.bin "
uRunOnce: [SpybotDeletingD5872] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\019CCD00.bin "
uRunOnce: [SpybotDeletingB6306] command.com /c del "c:\program files\mywebsearchwb\bar\cache\019CCE29.bin "
uRunOnce: [SpybotDeletingD6759] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\019CCE29.bin "
uRunOnce: [SpybotDeletingB2447] command.com /c del "c:\program files\mywebsearchwb\bar\cache\019CCF90.bin "
uRunOnce: [SpybotDeletingD9392] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\019CCF90.bin "
uRunOnce: [SpybotDeletingB235] command.com /c del "c:\program files\mywebsearchwb\bar\cache\023236E1.bin "
uRunOnce: [SpybotDeletingD9232] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\019CDC04.bin "
uRunOnce: [SpybotDeletingB1422] command.com /c del "c:\program files\mywebsearchwb\bar\cache\019CDD2D.bin "
uRunOnce: [SpybotDeletingD9408] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\019CDD2D.bin "
uRunOnce: [SpybotDeletingB1494] command.com /c del "c:\program files\mywebsearchwb\bar\cache\019E0CC3.bin "
uRunOnce: [SpybotDeletingD7004] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\019E0CC3.bin "
uRunOnce: [SpybotDeletingB9902] command.com /c del "c:\program files\mywebsearchwb\bar\cache\01B826F4.bin "
uRunOnce: [SpybotDeletingD1568] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\01B826F4.bin "
uRunOnce: [SpybotDeletingB4405] command.com /c del "c:\program files\mywebsearchwb\bar\cache\01DE4CA4.bin "
uRunOnce: [SpybotDeletingD6020] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\01DE4CA4.bin "
uRunOnce: [SpybotDeletingB8055] command.com /c del "c:\program files\mywebsearchwb\bar\cache\01F4318F.bin "
uRunOnce: [SpybotDeletingD5891] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\01F4318F.bin "
uRunOnce: [SpybotDeletingB2048] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0216967E.bin "
uRunOnce: [SpybotDeletingD9583] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0216967E.bin "
uRunOnce: [SpybotDeletingB6446] command.com /c del "c:\program files\mywebsearchwb\bar\cache\02169843.bin "
uRunOnce: [SpybotDeletingB1198] command.com /c del "c:\program files\mywebsearchwb\bar\cache\022653E9.bin "
uRunOnce: [SpybotDeletingD792] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\022653E9.bin "
uRunOnce: [SpybotDeletingB153] command.com /c del "c:\program files\mywebsearchwb\bar\cache\02265512.bin "
uRunOnce: [SpybotDeletingD5825] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\02265512.bin "
uRunOnce: [SpybotDeletingB9660] command.com /c del "c:\program files\mywebsearchwb\bar\cache\02266231.bin "
uRunOnce: [SpybotDeletingD1907] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\02266231.bin "
uRunOnce: [SpybotDeletingB225] command.com /c del "c:\program files\mywebsearchwb\bar\cache\02314B96.bin "
uRunOnce: [SpybotDeletingD4211] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\02314B96.bin "
uRunOnce: [SpybotDeletingB1869] command.com /c del "c:\program files\mywebsearchwb\bar\cache\02321119.bin "
uRunOnce: [SpybotDeletingD6757] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\02321119.bin "
uRunOnce: [SpybotDeletingB7651] command.com /c del "c:\program files\mywebsearchwb\bar\cache\02321203.bin "
uRunOnce: [SpybotDeletingD6196] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\02321203.bin "
uRunOnce: [SpybotDeletingB8607] command.com /c del "c:\program files\mywebsearchwb\bar\cache\02321E38.bin "
uRunOnce: [SpybotDeletingD7877] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\02321E38.bin "
uRunOnce: [SpybotDeletingB2601] command.com /c del "c:\program files\mywebsearchwb\bar\cache\02322A00.bin "
uRunOnce: [SpybotDeletingD9019] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\02322A00.bin "
uRunOnce: [SpybotDeletingD9849] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\023236E1.bin "
uRunOnce: [SpybotDeletingB4955] command.com /c del "c:\program files\mywebsearchwb\bar\cache\025F3168.bin "
uRunOnce: [SpybotDeletingD6786] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\025F3168.bin "
uRunOnce: [SpybotDeletingB5774] command.com /c del "c:\program files\mywebsearchwb\bar\cache\025F3213.bin "
uRunOnce: [SpybotDeletingD8967] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\025F3213.bin "
uRunOnce: [SpybotDeletingB723] command.com /c del "c:\program files\mywebsearchwb\bar\cache\025F32BF.bin "
uRunOnce: [SpybotDeletingD1708] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\025F32BF.bin "
uRunOnce: [SpybotDeletingB8708] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0262B3A9.bin "
uRunOnce: [SpybotDeletingD9765] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0262B3A9.bin "
uRunOnce: [SpybotDeletingB4751] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0262B510.bin "
uRunOnce: [SpybotDeletingD5362] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0262B510.bin "
uRunOnce: [SpybotDeletingB324] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0268B254.bin "
uRunOnce: [SpybotDeletingD971] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0268B254.bin "
uRunOnce: [SpybotDeletingB9992] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0279D327.bin "
uRunOnce: [SpybotDeletingD6647] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0279D327.bin "
uRunOnce: [SpybotDeletingB1902] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0279D615.bin "
uRunOnce: [SpybotDeletingD2091] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0279D615.bin "
uRunOnce: [SpybotDeletingB9291] command.com /c del "c:\program files\mywebsearchwb\bar\cache\0279D72F.bin "
uRunOnce: [SpybotDeletingD1749] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\0279D72F.bin "
uRunOnce: [SpybotDeletingB558] command.com /c del "c:\program files\mywebsearchwb\bar\cache\027DBC60.bin "
uRunOnce: [SpybotDeletingD4596] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\027DBC60.bin "
uRunOnce: [SpybotDeletingB8319] command.com /c del "c:\program files\mywebsearchwb\bar\cache\027DC931.bin "
uRunOnce: [SpybotDeletingD9823] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\027DC931.bin "
uRunOnce: [SpybotDeletingB2258] command.com /c del "c:\program files\mywebsearchwb\bar\cache\02BC0736 "
uRunOnce: [SpybotDeletingD8829] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\02BC0736 "
uRunOnce: [SpybotDeletingB1979] command.com /c del "c:\program files\mywebsearchwb\bar\cache\02BCFF91.bin "
uRunOnce: [SpybotDeletingD795] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\02BCFF91.bin "
uRunOnce: [SpybotDeletingB2253] command.com /c del "c:\program files\mywebsearchwb\bar\cache\035D2389.bin "
uRunOnce: [SpybotDeletingD7798] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\035D2389.bin "
uRunOnce: [SpybotDeletingB4153] command.com /c del "c:\program files\mywebsearchwb\bar\cache\036FD85B.bin "
uRunOnce: [SpybotDeletingD5671] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\036FD85B.bin "
uRunOnce: [SpybotDeletingB6488] command.com /c del "c:\program files\mywebsearchwb\bar\cache\036FE0B7.bin "
uRunOnce: [SpybotDeletingD215] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\036FE0B7.bin "
uRunOnce: [SpybotDeletingD8952] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\036FE2EA.bin "
uRunOnce: [SpybotDeletingB3370] command.com /c del "c:\program files\mywebsearchwb\bar\cache\036FE480.bin "
uRunOnce: [SpybotDeletingD9293] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\036FE480.bin "
uRunOnce: [SpybotDeletingB6936] command.com /c del "c:\program files\mywebsearchwb\bar\cache\036FE636.bin "
uRunOnce: [SpybotDeletingD1191] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\036FE636.bin "
uRunOnce: [SpybotDeletingB5900] command.com /c del "c:\program files\mywebsearchwb\bar\cache\036FE80A.bin "
uRunOnce: [SpybotDeletingD2828] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\036FE80A.bin "
uRunOnce: [SpybotDeletingB4568] command.com /c del "c:\program files\mywebsearchwb\bar\cache\036FE904.bin "
uRunOnce: [SpybotDeletingD2501] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\036FE904.bin "
uRunOnce: [SpybotDeletingB724] command.com /c del "c:\program files\mywebsearchwb\bar\cache\036FEA3D.bin "
uRunOnce: [SpybotDeletingD38] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\036FEA3D.bin "
uRunOnce: [SpybotDeletingB8320] command.com /c del "c:\program files\mywebsearchwb\bar\cache\036FEC31.bin "
uRunOnce: [SpybotDeletingD4386] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\036FEC31.bin "
uRunOnce: [SpybotDeletingB1201] command.com /c del "c:\program files\mywebsearchwb\bar\cache\038CE2AE.bin "
uRunOnce: [SpybotDeletingD8483] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\038CE2AE.bin "
uRunOnce: [SpybotDeletingB6776] command.com /c del "c:\program files\mywebsearchwb\bar\cache\03B9A8F6.bin "
uRunOnce: [SpybotDeletingD63] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\03B9A8F6.bin "
uRunOnce: [SpybotDeletingD3389] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\03B9AABB.bin "
uRunOnce: [SpybotDeletingB5575] command.com /c del "c:\program files\mywebsearchwb\bar\cache\03CDF35C.bin "
uRunOnce: [SpybotDeletingD5558] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\03CDF35C.bin "
uRunOnce: [SpybotDeletingB5971] command.com /c del "c:\program files\mywebsearchwb\bar\cache\03EB0159 "
uRunOnce: [SpybotDeletingD242] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\03EB0159 "
uRunOnce: [SpybotDeletingB2912] command.com /c del "c:\program files\mywebsearchwb\bar\cache\07782BBF.bin "
uRunOnce: [SpybotDeletingD923] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\07782BBF.bin "
uRunOnce: [SpybotDeletingB3116] command.com /c del "c:\program files\mywebsearchwb\bar\cache\files.ini "
uRunOnce: [SpybotDeletingD6270] cmd.exe /c del "c:\program files\mywebsearchwb\bar\cache\files.ini "
uRunOnce: [SpybotDeletingB2411] command.com /c del "c:\program files\mywebsearchwb\bar\history\search "
uRunOnce: [SpybotDeletingD8321] cmd.exe /c del "c:\program files\mywebsearchwb\bar\history\search "
uRunOnce: [SpybotDeletingB4469] command.com /c del "c:\program files\mywebsearchwb\bar\settings\prevcfg.htm "
uRunOnce: [SpybotDeletingD5144] cmd.exe /c del "c:\program files\mywebsearchwb\bar\settings\prevcfg.htm "
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe "
mRun: [Bing Bar] "c:\program files\msn toolbar\platform\5.0.1355.0\mswinext.exe "
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2010\avp.exe "
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: microsoft.com\www.update
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://pcpitstop.com/betapit/PCPitStop.CAB
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} - hxxp://pcpitstop.com/internet/pcpConnCheck.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1206890859984
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://sdlc-esd.sun.com/ESD5/JSCDL/jre/6u11-b90/jinstall-6u11-windows-i586-jc.cab?AuthParam=1228566529_f205b0b705b402f1ecce6641ec74c7ea&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD5/JSCDL/jre/6u11-b90/jinstall-6u11-windows-i586-jc.cab&File=jinstall-6u11-windows-i586-jc.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} - hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: {A662DA7E-CCB7-4743-B71A-D817F6D575DF} - hxxp://www.parker.com/cadfiles/dwfviewer/DwfViewerSetup.cab
DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} - hxxps://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {C8AEB218-8B7A-4E15-AC17-0EE8D99B80EB} - hxxp://cnn-5.vo.llnwd.net/c1/static/cab_headless/GameTapWebUpdater.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {FB298ECE-4D17-414A-A5E8-FABC938796B2} - hxxp://www.kohlerplus.com/_bin/AWSDrawingViewer.cab
DPF: {FC11A119-C2F7-46F4-9E32-937ABA26816E} - file:///D:/CDVIEWER/CdViewer.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: {97d2dfac-9acb-4d6f-ac2b-ab6ee090f649}: bebization

 

Unable to Run Java Update

I have tried running the Java Update and cannot do so in the safe mode. A message pops up stating the administrator is not allowing this.

Also, I have been trying to post the DDS, but keep getting a system timeout error from the server.

 

DDS (Ver_10-03-17.01) - NTFSx86 NETWORK
Run by Administrator at 6:57:14.12 on Mon 07/05/2010

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\880gcqa6.default\
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\microsoft\search enhancement pack\search helper\firefoxextension\searchhelperextension\components\SEPsearchhelperff.dll
FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - component: c:\program files\msn toolbar\platform\5.0.1355.0\firefox\components\DomBridge.dll
FF - component: c:\program files\real\realplayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\msn toolbar\platform\5.0.1355.0\npwinext.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.use_native_colors ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.use_native_popup_windows ", false);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.enable_click_image_resizing ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "accessibility.browsewithcaret_shortcut.enabled ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "javascript.options.mem.high_water_mark ", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref( "javascript.options.mem.gc_frequency ", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.lu ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.nu ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.nz ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgberp4a5d4ar ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--p1ai ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbayh7gpa ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.tel ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.auth.force-generic-ntlm ", false);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.proxy.type ", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref( "dom.ipc.plugins.timeoutSecs ", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref( "svg.smil.enabled ", false);
c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.trackpoint_hack.enabled ", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.debug ", false);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.agedWeight ", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.bucketSize ", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.maxTimeGroupings ", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.timeGroupingSize ", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.boundaryWeight ", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.prefixWeight ", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref( "accelerometer.enabled ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "html5.enable ", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref ", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.renego_unrestricted_hosts ", " ");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.treat_unsafe_negotiation_as_broken ", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.require_safe_negotiation ", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl3.rsa_seed_sha ", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "app.update.download.backgroundInterval ", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "app.update.url.manual ", "http://www.firefox.com ");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "browser.search.param.yahoo-fr-ja ", "mozff ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name ", "chrome://browser/locale/browser.properties ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description ", "chrome://browser/locale/browser.properties ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "xpinstall.whitelist.add ", "addons.mozilla.org ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "xpinstall.whitelist.add.36 ", "getpersonas.com ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "lightweightThemes.update.enabled ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.allTabs.previews ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "plugins.hide_infobar_for_outdated_plugin ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "plugins.update.notifyUser ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "toolbar.customization.usesheet ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.nptest.dll ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npswf32.dll ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npctrl.dll ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npqtplugin.dll ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.enable ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.max ", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.cachetime ", 20);

============= SERVICES / DRIVERS ===============

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-14 36880]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2009-9-14 32272]
S0 29411622;29411622 Boot Guard Driver;c:\windows\system32\drivers\29411622.sys --> c:\windows\system32\drivers\29411622.sys [?]
S1 29411621;29411621;c:\windows\system32\drivers\29411621.sys [2010-7-3 128016]
S1 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2009-9-1 128016]
S1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2010-7-3 315408]
S2 AVP;Kaspersky Internet Security;c:\program files\kaspersky lab\kaspersky internet security 2010\avp.exe [2009-10-20 340456]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-10-2 19472]

=============== Created Last 30 ================

2010-07-04 22:47:21 0 d-----w- c:\docume~1\admini~1\applic~1\Malwarebytes
2010-07-04 22:14:18 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-04 22:14:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-04 22:14:08 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-04 00:29:56 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-07-04 00:29:56 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-07-04 00:10:11 315408 ----a-w- c:\windows\system32\drivers\2941162.sys
2010-07-04 00:10:11 128016 ----a-w- c:\windows\system32\drivers\29411621.sys
2010-07-03 21:40:51 0 dc----w- c:\docume~1\alluse~1\applic~1\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-07-03 21:26:17 0 d-----w- c:\docume~1\admini~1\applic~1\ElevatedDiagnostics
2010-07-03 21:24:20 0 d-sh--w- c:\documents and settings\administrator\IECompatCache
2010-07-03 21:23:57 0 d-sh--w- c:\documents and settings\administrator\PrivacIE
2010-07-03 18:31:37 97549 ----a-w- c:\windows\system32\drivers\klick.dat
2010-07-03 18:31:37 113933 ----a-w- c:\windows\system32\drivers\klin.dat
2010-07-03 18:30:45 0 d-----w- c:\program files\Kaspersky Lab
2010-07-03 18:30:45 0 d-----w- c:\docume~1\alluse~1\applic~1\Kaspersky Lab
2010-07-03 18:20:23 0 d-----w- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
2010-07-03 16:52:00 0 d-----w- c:\program files\AVG
2010-07-03 16:46:00 0 d-----w- c:\docume~1\alluse~1\applic~1\Norton
2010-06-11 00:06:13 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

==================== Find3M ====================

2010-05-06 10:41:53 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 05:22:50 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:30:08 285696 ----a-w- c:\windows\system32\atmfd.dll
2008-07-22 18:01:13 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008072220080723\index.dat
2009-01-20 18:43:01 16384 --sha-w- c:\windows\temp\cookies\index.dat
2009-01-20 18:43:01 16384 --sha-w- c:\windows\temp\history\history.ie5\index.dat
2009-01-20 18:43:01 32768 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat

============= FINISH: 6:58:19.96 ===============

 

Sorry about the mess I have made with this post. I had to split the DDS file into two parts. The first includes the Internet Explorer info, the second part contains Firefox info.

Thank you for your patience regarding this matter.

 

Broni,

Here are the log files you have requested:

ComboFix 10-07-04.04 - Owner 07/05/2010 14:24:09.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.557 [GMT -5:00]
Running from: c:\documents and settings\Owner.LARRY-8B333E52E\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Owner\System
c:\documents and settings\Owner\System\win_qs8.jqx

.
((((((((((((((((((((((((( Files Created from 2010-06-05 to 2010-07-05 )))))))))))))))))))))))))))))))
.

2010-07-05 19:10 . 2010-07-05 19:10 -------- d-----w- c:\documents and settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\Identities
2010-07-05 18:34 . 2010-07-05 18:39 -------- d-----w- c:\documents and settings\Owner.LARRY-8B333E52E\Application Data\HPAppData
2010-07-05 18:34 . 2010-07-05 18:34 -------- d-----w- c:\documents and settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\Google
2010-07-05 18:34 . 2010-07-05 18:34 125952 ----a-w- c:\documents and settings\All Users\Application Data\ParetoLogic\UUS2\Temp\Update.exe
2010-07-05 18:15 . 2010-07-05 18:15 -------- d-----w- c:\documents and settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\WeatherBug
2010-07-05 18:15 . 2010-07-05 18:15 -------- d-----w- c:\documents and settings\Owner.LARRY-8B333E52E\Application Data\WeatherBug
2010-07-05 18:14 . 2010-07-05 18:14 18944 ----a-r- c:\documents and settings\Owner.LARRY-8B333E52E\Application Data\Microsoft\Installer\{8F018A9E-56DE-4A79-A5EF-25F413F1D538}\IconBB6A16301.exe
2010-07-05 18:14 . 2010-07-05 18:14 11264 ----a-r- c:\documents and settings\Owner.LARRY-8B333E52E\Application Data\Microsoft\Installer\{8F018A9E-56DE-4A79-A5EF-25F413F1D538}\IconBB6A1630.exe
2010-07-05 18:14 . 2010-07-05 18:14 -------- d-----w- c:\program files\AWS
2010-07-05 18:12 . 2010-07-05 18:12 -------- d-----w- c:\documents and settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\FixItCenter
2010-07-05 18:10 . 2010-07-05 18:10 -------- d-----w- c:\windows\MATS
2010-07-05 18:10 . 2010-07-05 18:10 -------- d-----w- c:\program files\Microsoft Fix it Center
2010-07-05 18:04 . 2010-07-05 18:04 -------- d-----w- c:\documents and settings\Owner.LARRY-8B333E52E\Application Data\ElevatedDiagnostics
2010-07-05 17:49 . 2010-07-05 17:49 -------- d-sh--w- c:\documents and settings\Owner.LARRY-8B333E52E\IECompatCache
2010-07-05 17:49 . 2010-07-05 17:49 -------- d-sh--w- c:\documents and settings\Owner.LARRY-8B333E52E\PrivacIE
2010-07-05 17:37 . 2010-07-05 17:37 86728 ----a-w- c:\documents and settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-07-05 17:36 . 2010-07-05 17:36 -------- d-----w- c:\documents and settings\All Users\Application Data\ParetoLogic
2010-07-05 17:36 . 2010-07-05 17:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Cached Installations
2010-07-05 17:15 . 2010-07-05 17:15 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-05 17:00 . 2010-07-05 17:02 -------- dc-h--w- c:\windows\ie8
2010-07-05 16:15 . 2010-07-04 02:02 -------- d-----w- c:\documents and settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\Apple Computer
2010-07-05 16:15 . 2010-07-04 02:02 -------- d-----w- c:\documents and settings\Owner.LARRY-8B333E52E\Application Data\Apple Computer
2010-07-05 16:15 . 2010-06-11 02:00 -------- d-sh--w- c:\documents and settings\Owner.LARRY-8B333E52E\IETldCache
2010-07-05 16:15 . 2010-07-05 17:49 -------- d-----w- c:\documents and settings\Owner.LARRY-8B333E52E
2010-07-05 15:56 . 2010-07-05 15:56 -------- d-----w- c:\program files\iPod
2010-07-05 15:56 . 2010-07-05 15:57 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-07-05 15:51 . 2010-07-05 15:51 -------- d-----w- c:\program files\Apple Software Update
2010-07-05 15:51 . 2010-07-05 15:51 -------- d-----w- c:\documents and settings\Tester1\Local Settings\Application Data\Apple
2010-07-05 15:15 . 2010-07-05 15:15 -------- d-----w- c:\program files\MSN Toolbar
2010-07-05 15:15 . 2010-07-05 15:21 -------- d-----w- c:\program files\Microsoft Silverlight
2010-07-05 14:43 . 2010-07-05 14:43 932368 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2010-07-05 14:43 . 2010-07-05 14:43 678416 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2010-07-05 14:43 . 2010-07-05 14:43 604688 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2010-07-05 14:43 . 2010-07-05 14:43 522768 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2010-07-05 14:43 . 2010-07-05 14:43 1096208 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2010-07-05 14:36 . 2010-07-05 15:54 -------- d-----w- c:\program files\QuickTime
2010-07-05 14:29 . 2010-07-05 14:57 -------- d-----w- c:\program files\Bonjour Print Services
2010-07-05 14:29 . 2010-07-05 14:29 -------- d-----w- c:\program files\Bonjour
2010-07-05 14:29 . 2010-07-05 14:29 -------- d-----w- c:\documents and settings\Tester1\Application Data\Yahoo!
2010-07-05 14:29 . 2010-07-05 14:31 -------- d-----w- c:\documents and settings\Tester1\Local Settings\Application Data\Google
2010-07-05 14:28 . 2010-07-05 14:28 -------- d-----w- c:\documents and settings\Tester1\Local Settings\Application Data\Mozilla
2010-07-05 14:19 . 2010-07-05 14:27 -------- d-----w- c:\documents and settings\Tester1\Local Settings\Application Data\Adobe
2010-07-05 14:14 . 2010-07-05 14:14 -------- d-----w- c:\program files\Secunia
2010-07-05 14:10 . 2010-07-05 14:10 -------- d-sh--w- c:\documents and settings\Tester1\IECompatCache
2010-07-05 14:09 . 2010-07-05 14:09 -------- d-sh--w- c:\documents and settings\Tester1\PrivacIE
2010-07-04 22:48 . 2010-07-04 22:48 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2010-07-04 22:47 . 2010-07-04 22:47 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2010-07-04 22:14 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-04 22:14 . 2010-07-04 22:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-04 22:14 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-04 17:29 . 2010-07-04 22:41 -------- d-----w- C:\ERDNT
2010-07-04 02:02 . 2010-07-04 02:02 -------- d-----w- c:\documents and settings\Default User\Application Data\Apple Computer
2010-07-04 02:01 . 2010-07-04 02:02 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Apple Computer
2010-07-04 00:29 . 2010-07-04 00:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-07-04 00:29 . 2010-07-04 00:32 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-07-04 00:10 . 2009-10-10 04:31 315408 ----a-w- c:\windows\system32\drivers\2941162.sys
2010-07-04 00:10 . 2009-09-25 22:59 128016 ----a-w- c:\windows\system32\drivers\29411621.sys
2010-07-03 22:34 . 2010-07-03 22:36 -------- d-----w- c:\program files\Windows Live Safety Center
2010-07-03 21:40 . 2010-07-03 21:40 -------- dc----w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-07-03 21:26 . 2010-07-03 21:26 -------- d-----w- c:\documents and settings\Administrator\Application Data\ElevatedDiagnostics
2010-07-03 21:25 . 2010-07-03 21:25 86728 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-07-03 21:24 . 2010-07-03 21:24 -------- d-sh--w- c:\documents and settings\Administrator\IECompatCache
2010-07-03 21:23 . 2010-07-03 21:23 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-07-03 18:30 . 2010-07-05 19:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2010-07-03 18:30 . 2010-07-03 18:30 -------- d-----w- c:\program files\Kaspersky Lab
2010-07-03 18:20 . 2010-07-03 18:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2010-07-03 16:52 . 2010-07-03 16:52 -------- d-----w- c:\program files\AVG
2010-07-03 16:46 . 2010-07-03 16:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-06-16 01:01 . 2010-06-16 01:01 72504 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe
2010-06-11 02:00 . 2010-06-11 02:00 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2010-06-11 00:06 . 2010-05-06 10:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-05 17:59 . 2009-01-27 19:13 -------- d-----w- c:\program files\iTunes
2010-07-05 15:56 . 2008-04-18 15:26 -------- d-----w- c:\program files\Common Files\Apple
2010-07-05 15:14 . 2010-02-16 16:18 -------- d-----w- c:\program files\Bing Bar Installer
2010-07-05 14:30 . 2007-09-27 02:16 -------- d-----w- c:\program files\Google
2010-07-05 14:01 . 2007-09-27 23:26 -------- d-----w- c:\program files\Java
2010-07-04 02:02 . 2010-07-05 14:08 -------- d-----w- c:\documents and settings\Tester1\Application Data\Apple Computer
2010-07-03 22:15 . 2007-12-11 21:54 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-05-28 11:04 . 2010-05-28 11:04 14896 ----a-w- c:\windows\system32\drivers\psi_mf.sys
2010-05-18 21:35 . 2010-05-18 21:35 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 21:35 . 2010-05-18 21:35 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-05-18 21:35 . 2010-05-18 21:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-06 10:41 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 05:22 . 2004-08-04 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:30 . 2004-08-04 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-10 22:05 . 2010-04-10 22:05 65328 ----a-w- c:\windows\AppPatch\matsshim.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-07-17 22:20 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98} "= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Weather "= "c:\program files\AWS\WeatherBug\Weather.exe" [2010-04-29 1652736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon "= "c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"TkBellExe "= "c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-08-04 198160]
"Microsoft Default Manager "= "c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"AVP "= "c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-21 340456]
"Bing Bar "= "c:\program files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe" [2010-03-24 243544]
"QuickTime Task "= "c:\program files\QuickTime\QTTask.exe" [2010-03-19 421888]
"iTunesHelper "= "c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
"Adobe Photo Downloader "= "c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Pitstop Optimize Reminder
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Registry Toolkit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor]
2004-09-07 18:47 57344 ----a-w- c:\windows\ALCXMNTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-10-15 03:17 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-04 12:00 208952 ----a-w- c:\windows\ime\IMJP8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-06-15 21:33 141624 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-16 20:01 13529088 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-16 20:01 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-16 20:01 1630208 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2004-08-04 12:00 455168 ------w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2004-08-04 12:00 455168 ------w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-19 03:16 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-04-29 11:04 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Weather]
2010-04-29 14:38 1652736 ----a-r- c:\program files\AWS\WeatherBug\Weather.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring "=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2010 9.0.0.736\\English\\setup.exe "=
"c:\\WINDOWS\\system32\\sessmgr.exe "=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe "=
"c:\\Program Files\\iTunes\\iTunes.exe "=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [10/14/2009 9:18 PM 36880]
R1 29411621;29411621;c:\windows\system32\drivers\29411621.sys [7/3/2010 7:10 PM 128016]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [9/14/2009 2:42 PM 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [10/2/2009 7:39 PM 19472]
S0 29411622;29411622 Boot Guard Driver;c:\windows\system32\DRIVERS\29411622.sys --> c:\windows\system32\DRIVERS\29411622.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7/5/2010 9:30 AM 135664]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [4/10/2010 5:05 PM 266544]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [5/28/2010 6:04 AM 14896]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-07-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 16:50]

2010-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-05 14:30]

2010-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-05 14:30]

2010-07-05 c:\windows\Tasks\User_Feed_Synchronization-{E47FE794-CD9A-451D-A03D-B87CADCFD174}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.excite.com/
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} - hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: {C8AEB218-8B7A-4E15-AC17-0EE8D99B80EB} - hxxp://cnn-5.vo.llnwd.net/c1/static/cab_headless/GameTapWebUpdater.cab
DPF: {FC11A119-C2F7-46F4-9E32-937ABA26816E} - file:///D:/CDVIEWER/CdViewer.cab
FF - ProfilePath - c:\documents and settings\Owner.LARRY-8B333E52E\Application Data\Mozilla\Firefox\Profiles\n5xswr4f.default\
FF - component: c:\program files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\components\SEPsearchhelperff.dll
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - component: c:\program files\MSN Toolbar\Platform\5.0.1423.0\Firefox\components\DomBridge.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "ui.use_native_colors ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.lu ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.nu ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.nz ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgberp4a5d4ar ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--p1ai ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbayh7gpa ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.tel ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.auth.force-generic-ntlm ", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.proxy.type ", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "dom.ipc.plugins.timeoutSecs ", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "svg.smil.enabled ", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "accelerometer.enabled ", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref ", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.ssl.renego_unrestricted_hosts ", " ");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.ssl.treat_unsafe_negotiation_as_broken ", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.ssl.require_safe_negotiation ", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name ", "chrome://browser/locale/browser.properties ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description ", "chrome://browser/locale/browser.properties ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "plugins.update.notifyUser ", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.nptest.dll ", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npswf32.dll ", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npctrl.dll ", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npqtplugin.dll ", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled ", false);
.
- - - - ORPHANS REMOVED - - - -

BHO-{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-PC SpeedScan Pro - c:\program files\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-05 14:40
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@= "FlashBroker "
"LocalizedString "= "@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101 "

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled "=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@= "c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe "

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@= "IFlashBroker4 "

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@= "{00020424-0000-0000-C000-000000000046} "

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
"Version "= "1.0 "
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2884)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2010-07-05 14:45:01 - machine was rebooted
ComboFix-quarantined-files.txt 2010-07-05 19:44

Pre-Run: 145,035,157,504 bytes free
Post-Run: 145,228,050,432 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT= "Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS= "Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 4997F480D719E7C89AB02323C14412C3

 

Broni,

Here is the next file:

exeHelper by Raktor
Build 20100414
Run at 14:16:40 on 07/05/10
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as Owner on 07/05/2010 at 14:15:34.


Processes terminated by Rkill or while it was running:


C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\Downloads\rkill.exe


Rkill completed on 07/05/2010 at 14:15:42.

 

ComboFix Txt File

Broni,

Here is the second ComboFix Txt file. I ran ComboFix before I noticed you wanted the AskBarDis removed. Please let me know if you want me to rerun the combofix.

Thanks.

ComboFix 10-07-04.04 - Owner 07/05/2010 15:18:24.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.612 [GMT -5:00]
Running from: C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\CFScript.txt
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

FILE ::
"c:\windows\ALCXMNTR.EXE "
"c:\windows\system32\drivers\2941162.sys "
"c:\windows\system32\drivers\29411621.sys "
"c:\windows\system32\DRIVERS\29411622.sys "
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Norton
c:\documents and settings\All Users\Application Data\Norton\{086A63F0-6B13-4F29-9695-134E7A01E963}\LC.INI
c:\documents and settings\All Users\Application Data\Norton\NPE\NPEsettings.dat
c:\documents and settings\All Users\Application Data\ParetoLogic
c:\documents and settings\All Users\Application Data\ParetoLogic\UUS2\Temp\Update.exe
c:\program files\AVG
c:\windows\ALCXMNTR.EXE
c:\windows\system32\drivers\2941162.sys
c:\windows\system32\drivers\29411621.sys

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_29411621
-------\Legacy_29411622
-------\Service_29411621
-------\Service_29411622


((((((((((((((((((((((((( Files Created from 2010-06-05 to 2010-07-05 )))))))))))))))))))))))))))))))
.

2010-07-05 19:10:37 . 2010-07-05 19:10:37 -------- d-----w- C:\Documents and Settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\Identities
2010-07-05 18:34:30 . 2010-07-05 18:39:30 -------- d-----w- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\HPAppData
2010-07-05 18:34:27 . 2010-07-05 18:34:36 -------- d-----w- C:\Documents and Settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\Google
2010-07-05 18:15:32 . 2010-07-05 18:15:33 -------- d-----w- C:\Documents and Settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\WeatherBug
2010-07-05 18:15:27 . 2010-07-05 18:15:27 -------- d-----w- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\WeatherBug
2010-07-05 18:14:34 . 2010-07-05 18:14:34 18944 ----a-r- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Microsoft\Installer\{8F018A9E-56DE-4A79-A5EF-25F413F1D538}\IconBB6A16301.exe
2010-07-05 18:14:34 . 2010-07-05 18:14:34 11264 ----a-r- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Microsoft\Installer\{8F018A9E-56DE-4A79-A5EF-25F413F1D538}\IconBB6A1630.exe
2010-07-05 18:14:32 . 2010-07-05 18:14:32 -------- d-----w- C:\Program Files\AWS
2010-07-05 18:12:26 . 2010-07-05 18:12:26 -------- d-----w- C:\Documents and Settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\FixItCenter
2010-07-05 18:10:27 . 2010-07-05 18:10:28 -------- d-----w- C:\WINDOWS\MATS
2010-07-05 18:10:26 . 2010-07-05 18:10:28 -------- d-----w- C:\Program Files\Microsoft Fix it Center
2010-07-05 18:04:37 . 2010-07-05 18:04:37 -------- d-----w- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\ElevatedDiagnostics
2010-07-05 17:49:51 . 2010-07-05 17:49:51 -------- d-sh--w- C:\Documents and Settings\Owner.LARRY-8B333E52E\IECompatCache
2010-07-05 17:49:15 . 2010-07-05 17:49:15 -------- d-sh--w- C:\Documents and Settings\Owner.LARRY-8B333E52E\PrivacIE
2010-07-05 17:37:13 . 2010-07-05 17:37:13 86728 ----a-w- C:\Documents and Settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-07-05 17:36:25 . 2010-07-05 17:36:25 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Cached Installations
2010-07-05 17:15:53 . 2010-07-05 17:15:53 -------- d-----w- C:\Program Files\Common Files\Adobe
2010-07-05 17:00:42 . 2010-07-05 17:02:41 -------- dc-h--w- C:\WINDOWS\ie8
2010-07-05 16:15:23 . 2010-07-04 02:02:20 -------- d-----w- C:\Documents and Settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\Apple Computer
2010-07-05 16:15:23 . 2010-07-04 02:02:20 -------- d-----w- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Apple Computer
2010-07-05 16:15:23 . 2010-06-11 02:00:02 -------- d-sh--w- C:\Documents and Settings\Owner.LARRY-8B333E52E\IETldCache
2010-07-05 16:15:22 . 2010-07-05 17:49:51 -------- d-----w- C:\Documents and Settings\Owner.LARRY-8B333E52E
2010-07-05 15:56:57 . 2010-07-05 15:56:57 -------- d-----w- C:\Program Files\iPod
2010-07-05 15:56:42 . 2010-07-05 15:57:54 -------- d-----w- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-07-05 15:51:22 . 2010-07-05 15:51:23 -------- d-----w- C:\Program Files\Apple Software Update
2010-07-05 15:51:16 . 2010-07-05 15:51:16 -------- d-----w- C:\Documents and Settings\Tester1\Local Settings\Application Data\Apple
2010-07-05 15:15:23 . 2010-07-05 15:15:23 -------- d-----w- C:\Program Files\MSN Toolbar
2010-07-05 15:15:03 . 2010-07-05 15:21:07 -------- d-----w- C:\Program Files\Microsoft Silverlight
2010-07-05 14:43:44 . 2010-07-05 14:43:44 932368 ----a-w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2010-07-05 14:43:44 . 2010-07-05 14:43:44 678416 ----a-w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2010-07-05 14:43:43 . 2010-07-05 14:43:44 604688 ----a-w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2010-07-05 14:43:43 . 2010-07-05 14:43:43 522768 ----a-w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2010-07-05 14:43:43 . 2010-07-05 14:43:43 1096208 ----a-w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2010-07-05 14:36:52 . 2010-07-05 15:54:06 -------- d-----w- C:\Program Files\QuickTime
2010-07-05 14:29:51 . 2010-07-05 14:57:33 -------- d-----w- C:\Program Files\Bonjour Print Services
2010-07-05 14:29:40 . 2010-07-05 14:29:42 -------- d-----w- C:\Program Files\Bonjour
2010-07-05 14:29:02 . 2010-07-05 14:29:02 -------- d-----w- C:\Documents and Settings\Tester1\Application Data\Yahoo!
2010-07-05 14:29:01 . 2010-07-05 14:31:25 -------- d-----w- C:\Documents and Settings\Tester1\Local Settings\Application Data\Google
2010-07-05 14:28:17 . 2010-07-05 14:28:17 -------- d-----w- C:\Documents and Settings\Tester1\Local Settings\Application Data\Mozilla
2010-07-05 14:19:09 . 2010-07-05 14:27:35 -------- d-----w- C:\Documents and Settings\Tester1\Local Settings\Application Data\Adobe
2010-07-05 14:14:12 . 2010-07-05 14:14:12 -------- d-----w- C:\Program Files\Secunia
2010-07-05 14:10:19 . 2010-07-05 14:10:19 -------- d-sh--w- C:\Documents and Settings\Tester1\IECompatCache
2010-07-05 14:09:59 . 2010-07-05 14:09:59 -------- d-sh--w- C:\Documents and Settings\Tester1\PrivacIE
2010-07-04 22:48:37 . 2010-07-04 22:48:37 -------- d-----w- C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
2010-07-04 22:47:21 . 2010-07-04 22:47:21 -------- d-----w- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2010-07-04 22:14:18 . 2010-04-29 20:39:38 38224 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-07-04 22:14:08 . 2010-07-04 22:14:21 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2010-07-04 22:14:08 . 2010-04-29 20:39:26 20952 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2010-07-04 17:29:03 . 2010-07-04 22:41:56 -------- d-----w- C:\ERDNT
2010-07-04 02:02:20 . 2010-07-04 02:02:20 -------- d-----w- C:\Documents and Settings\Default User\Application Data\Apple Computer
2010-07-04 02:01:06 . 2010-07-04 02:02:20 -------- d-----w- C:\Documents and Settings\Default User\Local Settings\Application Data\Apple Computer
2010-07-04 00:29:56 . 2010-07-04 00:33:02 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-07-04 00:29:56 . 2010-07-04 00:32:05 -------- d-----w- C:\Program Files\Spybot - Search & Destroy
2010-07-03 22:34:51 . 2010-07-03 22:36:56 -------- d-----w- C:\Program Files\Windows Live Safety Center
2010-07-03 21:40:51 . 2010-07-03 21:40:51 -------- dc----w- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-07-03 21:26:17 . 2010-07-03 21:26:17 -------- d-----w- C:\Documents and Settings\Administrator\Application Data\ElevatedDiagnostics
2010-07-03 21:25:23 . 2010-07-03 21:25:23 86728 ----a-w- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-07-03 21:24:20 . 2010-07-03 21:24:20 -------- d-sh--w- C:\Documents and Settings\Administrator\IECompatCache
2010-07-03 21:23:57 . 2010-07-03 21:23:58 -------- d-sh--w- C:\Documents and Settings\Administrator\PrivacIE
2010-07-03 18:30:45 . 2010-07-05 20:27:54 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2010-07-03 18:30:45 . 2010-07-03 18:30:45 -------- d-----w- C:\Program Files\Kaspersky Lab
2010-07-03 18:20:23 . 2010-07-03 18:20:23 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2010-06-16 01:01:34 . 2010-06-16 01:01:34 72504 ----a-w- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe
2010-06-11 02:00:02 . 2010-06-11 02:00:02 -------- d-sh--w- C:\Documents and Settings\Default User\IETldCache
2010-06-11 00:06:13 . 2010-05-06 10:41:48 743424 -c----w- C:\WINDOWS\system32\dllcache\iedvtool.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-05 17:59:37 . 2009-01-27 19:13:20 -------- d-----w- C:\Program Files\iTunes
2010-07-05 15:56:53 . 2008-04-18 15:26:20 -------- d-----w- C:\Program Files\Common Files\Apple
2010-07-05 15:14:37 . 2010-02-16 16:18:42 -------- d-----w- C:\Program Files\Bing Bar Installer
2010-07-05 14:30:11 . 2007-09-27 02:16:10 -------- d-----w- C:\Program Files\Google
2010-07-05 14:01:21 . 2007-09-27 23:26:20 -------- d-----w- C:\Program Files\Java
2010-07-04 02:02:20 . 2010-07-05 14:08:17 -------- d-----w- C:\Documents and Settings\Tester1\Application Data\Apple Computer
2010-07-03 22:15:36 . 2007-12-11 21:54:06 -------- d---a-w- C:\Documents and Settings\All Users\Application Data\TEMP
2010-05-28 11:04:52 . 2010-05-28 11:04:52 14896 ----a-w- C:\WINDOWS\system32\drivers\psi_mf.sys
2010-05-18 21:35:16 . 2010-05-18 21:35:16 91424 ----a-w- C:\WINDOWS\system32\dnssd.dll
2010-05-18 21:35:16 . 2010-05-18 21:35:16 197920 ----a-w- C:\WINDOWS\system32\dnssdX.dll
2010-05-18 21:35:16 . 2010-05-18 21:35:16 107808 ----a-w- C:\WINDOWS\system32\dns-sd.exe
2010-05-06 10:41:53 . 2004-08-04 12:00:00 916480 ----a-w- C:\WINDOWS\system32\wininet.dll
2010-05-02 05:22:50 . 2004-08-04 12:00:00 1851264 ----a-w- C:\WINDOWS\system32\win32k.sys
2010-04-20 05:30:08 . 2004-08-04 12:00:00 285696 ----a-w- C:\WINDOWS\system32\atmfd.dll
2010-04-10 22:05:58 . 2010-04-10 22:05:58 65328 ----a-w- C:\WINDOWS\AppPatch\matsshim.dll
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} ----

2010-07-05 15:57:56 . 2010-07-05 17:59:44 2094 ----a-w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DIFxInstallLog.txt
2009-06-03 14:32:24 . 2009-06-03 14:32:24 7994 ----a-w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\gearaspiwdmx86.cat
2009-05-18 18:48:52 . 2009-05-18 18:48:52 2763 ----a-w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\GEARAspiWDM.inf
2009-05-18 18:17:00 . 2009-05-18 18:17:00 26600 ----a-w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86\GEARAspiWDM.sys
2009-02-04 18:56:14 . 2009-02-04 18:56:14 75112 ----a-w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe
2008-04-17 17:12:54 . 2008-04-17 17:12:54 107368 ----a-w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86\GEARAspi.dll
2006-11-02 11:21:54 . 2006-11-02 11:21:54 319456 ----a-w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DIFxAPI.dll

---- Directory of c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} ----



((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-07-17 22:20:16 279944 ----a-w- C:\Program Files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98} "= "C:\Program Files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 22:20:16 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Weather "= "C:\Program Files\AWS\WeatherBug\Weather.exe" [2010-04-29 14:38:54 1652736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon "= "C:\WINDOWS\system32\NvCpl.dll" [2008-05-16 20:01:00 13529088]
"TkBellExe "= "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2009-08-04 10:55:52 198160]
"Microsoft Default Manager "= "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 22:43:04 288088]
"AVP "= "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-21 01:39:28 340456]
"Bing Bar "= "C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe" [2010-03-24 21:26:02 243544]
"QuickTime Task "= "C:\Program Files\QuickTime\QTTask.exe" [2010-03-19 03:16:10 421888]
"iTunesHelper "= "C:\Program Files\iTunes\iTunesHelper.exe" [2010-06-15 21:33:44 141624]
"Adobe Photo Downloader "= "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 16:09:58 63712]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12:16 15360 ----a-w- C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-10-15 03:17:32 49152 ----a-w- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-04 12:00:00 208952 ----a-w- C:\WINDOWS\ime\IMJP8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-06-15 21:33:44 141624 ----a-w- C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-16 20:01:00 13529088 ----a-w- C:\WINDOWS\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-16 20:01:00 86016 ----a-w- C:\WINDOWS\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-16 20:01:00 1630208 ----a-w- C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2004-08-04 12:00:00 455168 ------w- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2004-08-04 12:00:00 455168 ------w- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-19 03:16:10 421888 ----a-w- C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-04-29 11:04:32 68856 ----a-w- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Weather]
2010-04-29 14:38:54 1652736 ----a-r- C:\Program Files\AWS\WeatherBug\Weather.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring "=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2010 9.0.0.736\\English\\setup.exe "=
"C:\\WINDOWS\\system32\\sessmgr.exe "=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe "=
"C:\\Program Files\\iTunes\\iTunes.exe "=

R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [10/14/2009 9:18:34 PM 36880]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\drivers\klim5.sys [9/14/2009 2:42:46 PM 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\WINDOWS\system32\drivers\klmouflt.sys [10/2/2009 7:39:44 PM 19472]
S2 gupdate;Google Update Service (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [7/5/2010 9:30:13 AM 135664]
S3 MatSvc;Microsoft Automated Troubleshooting Service;C:\Program Files\Microsoft Fix it Center\Matsvc.exe [4/10/2010 5:05:58 PM 266544]
S3 PSI;PSI;C:\WINDOWS\system32\drivers\psi_mf.sys [5/28/2010 6:04:52 AM 14896]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-07-05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 16:50:20 . 2009-10-22 16:50:20]

2010-07-05 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-05 14:30:13 . 2010-07-05 14:30:10]

2010-07-05 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-05 14:30:13 . 2010-07-05 14:30:10]

2010-07-05 C:\WINDOWS\Tasks\User_Feed_Synchronization-{E47FE794-CD9A-451D-A03D-B87CADCFD174}.job
- C:\WINDOWS\system32\msfeedssync.exe [2006-10-17 16:58:32 . 2009-03-08 09:31:54]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.excite.com/
IE: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} - hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: {C8AEB218-8B7A-4E15-AC17-0EE8D99B80EB} - hxxp://cnn-5.vo.llnwd.net/c1/static/cab_headless/GameTapWebUpdater.cab
DPF: {FC11A119-C2F7-46F4-9E32-937ABA26816E} - file:///D:/CDVIEWER/CdViewer.cab
FF - ProfilePath - C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Mozilla\Firefox\Profiles\n5xswr4f.default\
FF - component: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\components\SEPsearchhelperff.dll
FF - component: C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - component: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\Firefox\components\DomBridge.dll
FF - component: C:\Program Files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref( "ui.use_native_colors ", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.lu ", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.nu ", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.nz ", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgberp4a5d4ar ", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--p1ai ", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbayh7gpa ", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.tel ", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref( "network.auth.force-generic-ntlm ", false);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref( "network.proxy.type ", 5);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref( "dom.ipc.plugins.timeoutSecs ", 45);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref( "svg.smil.enabled ", false);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref( "accelerometer.enabled ", true);
C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref ", true);
C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.ssl.renego_unrestricted_hosts ", " ");
C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.ssl.treat_unsafe_negotiation_as_broken ", false);
C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.ssl.require_safe_negotiation ", false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name ", "chrome://browser/locale/browser.properties ");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description ", "chrome://browser/locale/browser.properties ");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref( "plugins.update.notifyUser ", false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.nptest.dll ", true);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npswf32.dll ", true);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npctrl.dll ", true);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npqtplugin.dll ", true);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled ", false);
.

 

Broni!!!!!

You are awesome! The computer now has internet access in the normal mode Thanks to you. I really appreciate your help with resolving this problem.

Very Respectfully,

Kurt.

 

OTL logfile created on: 7/5/2010 4:40:53 PM - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 517.00 Mb Available Physical Memory | 51.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 135.72 Gb Free Space | 91.07% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LARRY-8B333E52E
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/07/05 16:40:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\OTL.exe
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/04/29 09:38:54 | 001,652,736 | R--- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files\AWS\WeatherBug\Weather.exe
PRC - [2010/03/24 16:26:02 | 000,243,544 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe
PRC - [2009/10/20 20:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
PRC - [2009/10/20 20:34:38 | 000,207,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
PRC - [2009/08/18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 12:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/09 11:09:58 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe


========== Modules (SafeList) ==========

MOD - [2010/07/05 16:40:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\OTL.exe
MOD - [2008/04/13 19:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/04/10 17:05:58 | 000,266,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2009/10/20 20:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2009/08/18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2010/07/03 15:12:22 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2010/05/28 06:04:52 | 000,014,896 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2009/10/14 21:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2009/10/02 19:39:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/09/14 14:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009/09/01 15:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2009/05/09 01:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2008/05/16 15:01:00 | 006,557,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/10/01 10:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/08/03 17:41:36 | 000,606,684 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2001/08/17 13:58:12 | 000,022,912 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\umaxpcls.sys -- (UMAXPCLS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.excite.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
FF - prefs.js..extensions.enabledItems: msntoolbar@msn.com:5.0

FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/08/04 05:56:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/06/10 20:59:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\Firefox [2010/07/05 10:15:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/05 11:16:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/05 10:54:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010/07/03 13:31:12 | 000,000,000 | ---D | M]

[2010/07/05 11:16:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Mozilla\Extensions
[2010/07/05 11:17:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Mozilla\Firefox\Profiles\n5xswr4f.default\extensions
[2010/07/05 11:17:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Mozilla\Firefox\Profiles\n5xswr4f.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/05 11:03:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/03 19:03:37 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru

O1 HOSTS File: ([2010/07/05 15:27:19 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {8EAB99C9-F9EC-4b64-A4BA-D9BCAE8779C2} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Bing Bar] C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/OAS/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} http://pcpitstop.com/internet/pcpConnCheck.cab (iCC Class)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1206890859984 (MUWebControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab (P3DActiveX Control)
O16 - DPF: {A662DA7E-CCB7-4743-B71A-D817F6D575DF} http://www.parker.com/cadfiles/dwfviewer/DwfViewerSetup.cab (Reg Error: Key error.)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx (Get_ActiveX Control)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {C8AEB218-8B7A-4E15-AC17-0EE8D99B80EB} http://cnn-5.vo.llnwd.net/c1/static/cab_headless/GameTapWebUpdater.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FB298ECE-4D17-414A-A5E8-FABC938796B2} http://www.kohlerplus.com/_bin/AWSDrawingViewer.cab (ActiveWebParts Illustration Viewer)
O16 - DPF: {FC11A119-C2F7-46F4-9E32-937ABA26816E} file:///D:/CDVIEWER/CdViewer.cab (AMI DicomDir TreeView Control 2.1)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/09/26 12:25:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll ()
Drivers32: vidc.iyuv - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56871556046913536)

========== Files/Folders - Created Within 90 Days ==========

[2010/07/05 16:40:00 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\OTL.exe
[2010/07/05 15:33:40 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/07/05 15:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/07/05 14:59:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\AntiVirus Programs
[2010/07/05 14:23:33 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/07/05 14:21:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/07/05 14:10:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\Identities
[2010/07/05 13:53:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\LarryShortcuts
[2010/07/05 13:34:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\HPAppData
[2010/07/05 13:34:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\Google
[2010/07/05 13:34:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Google
[2010/07/05 13:15:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\WeatherBug
[2010/07/05 13:15:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\WeatherBug
[2010/07/05 13:14:32 | 000,000,000 | ---D | C] -- C:\Program Files\AWS
[2010/07/05 13:12:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\FixItCenter
[2010/07/05 13:10:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
[2010/07/05 13:10:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2010/07/05 13:04:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\ElevatedDiagnostics
[2010/07/05 12:49:51 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\IECompatCache
[2010/07/05 12:49:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\PrivacIE
[2010/07/05 12:36:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Cached Installations
[2010/07/05 12:16:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Adobe
[2010/07/05 12:15:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/07/05 12:00:42 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/07/05 11:49:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\WORD
[2010/07/05 11:49:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\TURBO TAX
[2010/07/05 11:49:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\TracFone
[2010/07/05 11:49:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\TaxACT 2009
[2010/07/05 11:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\Siltronix Manual
[2010/07/05 11:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\Radon Tests
[2010/07/05 11:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\POWERPOINT
[2010/07/05 11:49:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\My Videos
[2010/07/05 11:49:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\Kohler M18 Manual
[2010/07/05 11:49:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\HD TV WIRING
[2010/07/05 11:49:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\GolfLogix
[2010/07/05 11:49:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\EXCEL
[2010/07/05 11:49:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\ACCESS
[2010/07/05 11:49:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\1040A&B FORMS
[2010/07/05 11:20:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\Downloads
[2010/07/05 11:16:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\Mozilla
[2010/07/05 11:16:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Mozilla
[2010/07/05 11:15:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Real
[2010/07/05 11:15:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Identities
[2010/07/05 11:15:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\My Pictures
[2010/07/05 11:15:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\My Music
[2010/07/05 11:15:23 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Microsoft
[2010/07/05 11:15:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\SendTo
[2010/07/05 11:15:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Recent
[2010/07/05 11:15:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data
[2010/07/05 11:15:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Start Menu
[2010/07/05 11:15:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents
[2010/07/05 11:15:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Favorites
[2010/07/05 11:15:23 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\IETldCache
[2010/07/05 11:15:23 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Cookies
[2010/07/05 11:15:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Templates
[2010/07/05 11:15:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\PrintHood
[2010/07/05 11:15:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\NetHood
[2010/07/05 11:15:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Local Settings
[2010/07/05 11:15:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\Microsoft
[2010/07/05 11:15:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Macromedia
[2010/07/05 11:15:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop
[2010/07/05 11:15:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\Apple Computer
[2010/07/05 11:15:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Apple Computer
[2010/07/05 10:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/07/05 10:56:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/07/05 10:51:22 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/07/05 10:15:23 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
[2010/07/05 10:15:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/07/05 09:36:52 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/07/05 09:29:51 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour Print Services
[2010/07/05 09:29:40 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/07/05 09:14:12 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2010/07/04 17:14:18 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/07/04 17:14:08 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/07/04 17:14:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/04 12:29:03 | 000,000,000 | ---D | C] -- C:\ERDNT
[2010/07/03 19:29:56 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/07/03 19:29:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/07/03 17:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/07/03 16:40:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/07/03 16:25:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2010/07/03 13:30:45 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010/07/03 13:30:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2010/07/03 13:30:33 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010/07/03 13:20:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2010/05/28 06:04:52 | 000,014,896 | ---- | C] (Secunia) -- C:\WINDOWS\System32\drivers\psi_mf.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/07/05 16:44:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E47FE794-CD9A-451D-A03D-B87CADCFD174}.job
[2010/07/05 16:40:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\OTL.exe
[2010/07/05 16:39:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/05 16:32:53 | 000,065,615 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/07/05 16:32:45 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/05 16:32:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/05 16:32:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/05 16:32:36 | 1073,139,712 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/05 16:31:23 | 001,835,008 | -H-- | M] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\NTUSER.DAT
[2010/07/05 16:31:23 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\ntuser.ini
[2010/07/05 16:29:24 | 008,033,640 | -H-- | M] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\IconCache.db
[2010/07/05 15:28:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/05 15:27:19 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/07/05 14:58:31 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\Mediacom - Home.url
[2010/07/05 14:23:37 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/07/05 13:51:57 | 000,000,055 | ---- | M] () -- C:\WINDOWS\TaxACT09.ini
[2010/07/05 13:47:34 | 000,000,542 | ---- | M] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\Intellicast - Minonk Weather Report in Illinois (61760).url
[2010/07/05 13:46:01 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\E-mail.lnk
[2010/07/05 13:45:58 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\Blank December 2009 Calendar.LNK
[2010/07/05 13:38:15 | 000,000,224 | ---- | M] () -- C:\WINDOWS\System32\9B13A86D.plf
[2010/07/05 13:14:33 | 000,001,793 | ---- | M] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Microsoft\Internet Explorer\Quick Launch\WeatherBug.lnk
[2010/07/05 13:14:33 | 000,001,775 | ---- | M] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\WeatherBug.lnk
[2010/07/05 13:06:40 | 000,000,212 | ---- | M] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\CEFCU - Home Page.url
[2010/07/05 13:06:03 | 000,000,335 | ---- | M] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\My Excite.url
[2010/07/05 12:59:45 | 000,002,341 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/07/05 12:37:13 | 000,086,728 | ---- | M] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/07/05 12:25:06 | 000,316,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/05 12:19:03 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/07/05 12:15:55 | 000,002,077 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Photoshop Album Starter Edition 3.2.lnk
[2010/07/05 11:15:44 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/07/05 10:53:54 | 000,001,614 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/07/05 10:51:30 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/05 10:02:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/05 09:29:52 | 000,001,822 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Bonjour Printer Wizard.lnk
[2010/07/03 20:25:11 | 000,011,871 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010/07/03 19:40:57 | 000,411,396 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
[2010/07/03 19:06:04 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/07/03 16:24:21 | 000,000,302 | ---- | M] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\Suggested Sites.url
[2010/07/03 15:44:24 | 000,547,228 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/07/03 15:44:24 | 000,459,318 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/07/03 15:44:24 | 000,078,634 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/07/03 15:12:22 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010/07/03 15:12:21 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010/07/03 15:12:21 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010/05/28 06:04:52 | 000,014,896 | ---- | M] (Secunia) -- C:\WINDOWS\System32\drivers\psi_mf.sys
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/16 14:23:59 | 000,001,077 | ---- | M] () -- C:\WINDOWS\win.ini
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/05 14:58:31 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\Mediacom - Home.url
[2010/07/05 14:23:37 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/07/05 14:23:35 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/07/05 13:47:34 | 000,000,542 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\Intellicast - Minonk Weather Report in Illinois (61760).url
[2010/07/05 13:46:01 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\E-mail.lnk
[2010/07/05 13:45:58 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\Blank December 2009 Calendar.LNK
[2010/07/05 13:38:15 | 000,000,224 | ---- | C] () -- C:\WINDOWS\System32\9B13A86D.plf
[2010/07/05 13:14:33 | 000,001,793 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Microsoft\Internet Explorer\Quick Launch\WeatherBug.lnk
[2010/07/05 13:14:33 | 000,001,775 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\WeatherBug.lnk
[2010/07/05 13:06:40 | 000,000,212 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\CEFCU - Home Page.url
[2010/07/05 13:06:03 | 000,000,335 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\My Excite.url
[2010/07/05 12:15:55 | 000,002,077 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Photoshop Album Starter Edition 3.2.lnk
[2010/07/05 11:49:59 | 007,017,984 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\Our Home.ppt
[2010/07/05 11:49:59 | 002,260,121 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\proof_the_irish_discovered_africia.wmv
[2010/07/05 11:49:59 | 000,774,020 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\TurboTax Online Est - Deluxe 2009.mht
[2010/07/05 11:49:59 | 000,002,076 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\SY00132_.WMF
[2010/07/05 11:49:59 | 000,000,372 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\spider.sav
[2010/07/05 11:49:58 | 008,888,734 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\M&B HB GPA.wav
[2010/07/05 11:49:58 | 000,278,016 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\Front Porch Window Sunday11-8-09.ppt
[2010/07/05 11:49:58 | 000,164,930 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\Fw_ Breths Prom pics.eml
[2010/07/05 11:49:58 | 000,000,317 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\My Documents\feeds.opml
[2010/07/05 11:15:44 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/07/05 11:15:24 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\ntuser.ini
[2010/07/05 11:15:23 | 001,835,008 | -H-- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\NTUSER.DAT
[2010/07/05 11:15:23 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\NTUSER.DAT.LOG
[2010/07/05 10:57:58 | 000,002,341 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/07/05 10:53:54 | 000,001,614 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/07/05 10:51:30 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/05 09:30:16 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/05 09:30:15 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/05 09:29:52 | 000,001,822 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Bonjour Printer Wizard.lnk
[2010/07/05 09:23:59 | 1073,139,712 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/03 18:06:28 | 000,001,612 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/07/03 16:24:20 | 000,000,302 | ---- | C] () -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop\Suggested Sites.url
[2010/07/03 13:31:37 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010/07/03 13:31:37 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010/02/11 09:52:37 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\AscSQLite.dll
[2009/11/29 19:50:50 | 000,000,055 | ---- | C] () -- C:\WINDOWS\TaxACT09.ini
[2009/01/30 17:24:46 | 000,223,232 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2008/11/23 11:36:22 | 000,011,871 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/05/16 15:01:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/05/16 15:01:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/05/16 15:01:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/05/16 15:01:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/05/16 15:01:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/02/23 09:28:08 | 000,000,074 | ---- | C] () -- C:\WINDOWS\TaxACT07.ini
[2007/12/10 09:16:09 | 000,000,440 | ---- | C] () -- C:\WINDOWS\3DHOME.INI
[2007/09/27 19:04:56 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2007/09/27 08:15:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2007/09/27 07:41:07 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/08/04 07:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2004/08/04 07:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2004/08/04 07:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2004/08/04 07:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2004/08/04 07:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[1999/01/22 05:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2010/02/11 12:41:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/05/07 16:52:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ascentive
[2010/07/05 12:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cached Installations
[2007/09/26 13:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Geek Squad
[2008/04/25 17:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009/01/07 06:39:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2007/12/11 16:54:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2008/02/15 09:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SkyGolf
[2010/07/03 17:15:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/01/26 18:11:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2010/07/05 10:57:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/07/03 16:40:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2009/12/20 06:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/07/05 13:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\ElevatedDiagnostics
[2010/07/05 13:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.LARRY-8B333E52E\Application Data\WeatherBug
[2010/07/05 16:44:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{E47FE794-CD9A-451D-A03D-B87CADCFD174}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/09/10 09:31:28 | 000,428,927 | ---- | M] () -- C:\AnalysisLog.sr0
[2007/09/26 12:25:47 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/05/09 13:11:22 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/07/05 14:23:37 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2009/01/06 07:20:58 | 000,051,346 | ---- | M] () -- C:\caavsetupLog.txt
[2009/01/06 15:25:10 | 001,032,668 | ---- | M] () -- C:\caisslog.txt
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2007/09/26 12:25:47 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/01/06 06:40:13 | 000,214,940 | ---- | M] () -- C:\coreuninstall.log
[2010/02/16 11:36:49 | 000,052,323 | ---- | M] () -- C:\CybDefInstallInfo.log
[2010/07/05 12:37:20 | 000,000,000 | ---- | M] () -- C:\FileRecovery.log
[2010/07/05 16:32:36 | 1073,139,712 | -HS- | M] () -- C:\hiberfil.sys
[2008/12/17 06:53:20 | 000,000,164 | ---- | M] () -- C:\install.dat
[2007/09/26 12:25:47 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/01/26 18:01:57 | 000,588,745 | ---- | M] () -- C:\LDS taxReturn.tax2009
[2007/09/26 12:25:47 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/07/22 12:17:09 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/07/05 16:32:34 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2010/07/05 14:15:42 | 000,000,400 | ---- | M] () -- C:\rkill.log
[2009/05/22 16:53:22 | 000,000,005 | ---- | M] () -- C:\testfile.txt
[2009/02/06 09:59:05 | 000,000,594 | ---- | M] () -- C:\updatedatfix.log
[2010/07/05 10:14:49 | 000,132,856 | ---- | M] () -- C:\wlrepair.log

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/03/15 16:32:10 | 000,274,944 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5ha(2).dll
[2007/03/15 16:32:10 | 000,274,944 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5ha(3).dll
[2007/03/15 16:32:10 | 000,274,944 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5ha(4).dll
[2007/03/15 16:32:10 | 000,274,944 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5ha(5).dll
[2007/03/15 16:32:10 | 000,274,944 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5ha(6).dll
[2007/03/15 16:32:10 | 000,274,944 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5ha.dll

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

< %systemroot%\*. /mp /s >


< %systemroot%\system32\*.dll /lockedfiles >
[2008/04/13 19:12:00 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2007/09/26 07:04:25 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007/09/26 07:04:25 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007/09/26 07:04:25 | 000,892,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\user32.dll /md5 >
[2008/04/13 19:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/04/13 19:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\ws2help.dll /md5 >
[2008/04/13 19:12:10 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=9789E95E1D88EEB4B922BF3EA7779C28 -- C:\WINDOWS\system32\ws2help.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FE120A60
@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5A823589
@Alternate Data Stream - 162 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:56DA0F9E
@Alternate Data Stream - 154 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0E799D7F
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:45F31C4F
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMPFC5A2B2
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP1B5B4F1
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5BD8B9DD
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FF8F1AE3
< End of report >

 

OTL Extras logfile created on: 7/5/2010 4:40:54 PM - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = C:\Documents and Settings\Owner.LARRY-8B333E52E\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 517.00 Mb Available Physical Memory | 51.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 135.72 Gb Free Space | 91.07% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LARRY-8B333E52E
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1 "
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /k "cd %L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
" " =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabledxpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabledxpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNetisabledxpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNetisabledxpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNetisabledxpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNetisabledxpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.736\English\setup.exe" = C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.736\English\setup.exe:*:Enabled:Kaspersky Internet Security 2010 Setup -- (Kaspersky Lab)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002C9999-0000-0000-C000-000000000112}" = Microsoft Office Web Components
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}" = 32 Bit HP CIO Components Installer
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20B30DC1-E423-4939-B51D-05C58B0F9BBB}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{427EDD3F-D12A-4DE5-9A36-AC4DE8EBC981}" = ActiveSpeed
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8F018A9E-56DE-4A79-A5EF-25F413F1D538}" = WeatherBug
"{90260409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Web Components
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{91130409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{9D210D79-AEC5-453B-960C-4DD2C73931E1}" = Bonjour Print Services
"{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{b9be267c-e096-4cce-a4fd-f24eec004938}" = PS_AIO_02_ProductContext
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min
"{c600ab3d-8b64-41df-bf36-b3d87ce0706b}" = C7200_Help
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{cd0b9359-b716-4fd0-8e0a-09b3e312e8a4}" = PS_AIO_02_Software
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CECEB0FF-5C45-4b50-9A00-C596E36D88F4}" = C7200
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{E21DA178-9FB0-4F91-B79C-5A6DDEEBFB8D}" = Bing Bar Platform
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"3D Home Architect Deluxe 3.0" = 3D Home Architect(r) Deluxe 3.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{E03B44A3-9237-4B55-B7A5-DB1DD46920D3}" = Wolfenstein(TM) 1.1 Patch
"InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Secunia PSI" = Secunia PSI
"SkyCaddieDesktop" = SkyCaddie Desktop
"TaxACT 2009" = TaxACT 2009
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/3/2010 7:56:04 PM | Computer Name = LARRY-8B333E52E | Source = MsiInstaller | ID = 1008
Description = The installation of C:\WINDOWS\Installer\22557f9.msi is not permitted
due to an error in software restriction policy processing. The object cannot be
trusted.

Error - 7/3/2010 7:56:04 PM | Computer Name = LARRY-8B333E52E | Source = MsiInstaller | ID = 1008
Description = The installation of C:\WINDOWS\Installer\22557f9.msi is not permitted
due to an error in software restriction policy processing. The object cannot be
trusted.

Error - 7/3/2010 7:56:05 PM | Computer Name = LARRY-8B333E52E | Source = MsiInstaller | ID = 1008
Description = The installation of C:\WINDOWS\Installer\26b7782.msi is not permitted
due to an error in software restriction policy processing. The object cannot be
trusted.

Error - 7/3/2010 7:56:05 PM | Computer Name = LARRY-8B333E52E | Source = MsiInstaller | ID = 1008
Description = The installation of C:\WINDOWS\Installer\26b7782.msi is not permitted
due to an error in software restriction policy processing. The object cannot be
trusted.

Error - 7/3/2010 7:56:05 PM | Computer Name = LARRY-8B333E52E | Source = MsiInstaller | ID = 1008
Description = The installation of C:\WINDOWS\Installer\c4242.msi is not permitted
due to an error in software restriction policy processing. The object cannot be
trusted.

Error - 7/3/2010 7:56:05 PM | Computer Name = LARRY-8B333E52E | Source = MsiInstaller | ID = 1008
Description = The installation of C:\WINDOWS\Installer\c4242.msi is not permitted
due to an error in software restriction policy processing. The object cannot be
trusted.

Error - 7/3/2010 7:56:05 PM | Computer Name = LARRY-8B333E52E | Source = MsiInstaller | ID = 1008
Description = The installation of C:\WINDOWS\Installer\a7cda.msi is not permitted
due to an error in software restriction policy processing. The object cannot be
trusted.

Error - 7/3/2010 7:56:05 PM | Computer Name = LARRY-8B333E52E | Source = MsiInstaller | ID = 1008
Description = The installation of C:\WINDOWS\Installer\a7cda.msi is not permitted
due to an error in software restriction policy processing. The object cannot be
trusted.

Error - 7/3/2010 7:56:05 PM | Computer Name = LARRY-8B333E52E | Source = MsiInstaller | ID = 1008
Description = The installation of C:\WINDOWS\Installer\28811.msi is not permitted
due to an error in software restriction policy processing. The object cannot be
trusted.

Error - 7/3/2010 7:56:05 PM | Computer Name = LARRY-8B333E52E | Source = MsiInstaller | ID = 1008
Description = The installation of C:\WINDOWS\Installer\28811.msi is not permitted
due to an error in software restriction policy processing. The object cannot be
trusted.

[ System Events ]
Error - 7/5/2010 3:31:59 PM | Computer Name = LARRY-8B333E52E | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
29411622

Error - 7/5/2010 4:25:28 PM | Computer Name = LARRY-8B333E52E | Source = PlugPlayManager | ID = 11
Description = The device Root\LEGACY_29411621\0000 disappeared from the system without
first being prepared for removal.

Error - 7/5/2010 4:25:28 PM | Computer Name = LARRY-8B333E52E | Source = PlugPlayManager | ID = 11
Description = The device Root\LEGACY_29411622\0000 disappeared from the system without
first being prepared for removal.

Error - 7/5/2010 4:27:30 PM | Computer Name = LARRY-8B333E52E | Source = Service Control Manager | ID = 7000
Description = The Print Port Scanner Driver service failed to start due to the following
error: %%1058

Error - 7/5/2010 4:29:18 PM | Computer Name = LARRY-8B333E52E | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 7/5/2010 5:20:51 PM | Computer Name = LARRY-8B333E52E | Source = Service Control Manager | ID = 7000
Description = The Print Port Scanner Driver service failed to start due to the following
error: %%1058

Error - 7/5/2010 5:22:12 PM | Computer Name = LARRY-8B333E52E | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 7/5/2010 5:31:31 PM | Computer Name = LARRY-8B333E52E | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070663: Security Update for Microsoft Office XP Web Components (KB947320).

Error - 7/5/2010 5:33:03 PM | Computer Name = LARRY-8B333E52E | Source = Service Control Manager | ID = 7000
Description = The Print Port Scanner Driver service failed to start due to the following
error: %%1058

Error - 7/5/2010 5:34:25 PM | Computer Name = LARRY-8B333E52E | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.


< End of report >