[Solved] Xp copy of mbr

Discussion in 'Virus and Malware Removal' started by elseco60, Oct 24, 2010.

  1. elseco60 Newcomer, in training

    Hi broni,
    Computer is doing a little bit better, still very slow.

    OTL logfile created on: 10/30/2010 9:45:02 PM - Run 1
    OTL by OldTimer - Version 3.2.17.1 Folder = C:\Documents and Settings\Owner\Desktop
    Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 69.00% Memory free
    3.00 Gb Paging File | 3.00 Gb Available in Paging File | 88.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 88.72 Gb Total Space | 1.21 Gb Free Space | 1.36% Space Free | Partition Type: NTFS
    Drive D: | 74.53 Gb Total Space | 14.91 Gb Free Space | 20.00% Space Free | Partition Type: NTFS
    Drive E: | 4.43 Gb Total Space | 2.31 Gb Free Space | 52.21% Space Free | Partition Type: FAT32

    Computer Name: THECRAZY | User Name: Owner | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2010/10/30 21:30:39 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
    PRC - [2010/10/04 18:59:46 | 003,016,560 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\Setup\avast.setup
    PRC - [2010/09/08 17:58:19 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    PRC - [2010/09/07 08:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2010/08/25 21:11:14 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    PRC - [2010/08/13 13:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2007/06/13 03:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2004/11/03 14:03:00 | 000,125,528 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\1282796920\EE\AOLHostManager.exe
    PRC - [2004/11/03 14:03:00 | 000,110,680 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\1282796920\EE\AOLServiceHost.exe
    PRC - [2004/10/18 17:42:18 | 000,079,448 | ---- | M] () -- C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe
    PRC - [2004/10/15 13:54:14 | 000,100,016 | ---- | M] (America Online, Inc) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    PRC - [2004/10/15 13:54:12 | 000,046,768 | ---- | M] (America Online Inc) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/10/30 21:30:39 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
    MOD - [2006/08/25 08:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2010/09/07 08:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
    SRV - [2010/09/07 08:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
    SRV - [2010/09/07 08:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2010/08/25 21:11:14 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
    SRV - [2010/08/13 13:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2004/10/15 13:54:14 | 000,100,016 | ---- | M] (America Online, Inc) [Auto | Running] -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe -- (AOL TopSpeedMonitor)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
    DRV - [2010/09/07 07:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2010/09/07 07:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2010/09/07 07:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2010/09/07 07:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2010/09/07 07:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2010/09/07 07:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2010/08/25 21:29:41 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
    DRV - [2005/10/27 15:06:30 | 000,356,096 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61) Linksys Wireless-G PCI Adapter Driver(RT61)
    DRV - [2005/09/26 15:07:00 | 003,644,800 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
    DRV - [2005/09/18 08:32:00 | 003,493,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
    DRV - [2005/07/29 17:11:04 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
    DRV - [2005/07/29 17:11:02 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
    DRV - [2004/11/10 17:30:18 | 000,024,832 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
    DRV - [2004/11/10 17:27:34 | 000,044,288 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
    DRV - [2004/08/04 12:00:00 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
    DRV - [2004/08/04 12:00:00 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
    DRV - [2004/08/04 12:00:00 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
    DRV - [2004/08/04 12:00:00 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
    DRV - [2004/08/04 12:00:00 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
    DRV - [2004/08/04 12:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
    DRV - [2004/08/04 12:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
    DRV - [2004/08/04 12:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
    DRV - [2004/08/04 12:00:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
    DRV - [2004/08/04 12:00:00 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
    DRV - [2004/08/04 12:00:00 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
    DRV - [2004/08/04 12:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
    DRV - [2004/08/04 12:00:00 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
    DRV - [2004/08/04 12:00:00 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
    DRV - [2004/08/04 12:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
    DRV - [2004/08/04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV - [2004/08/03 16:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
    DRV - [2004/08/03 16:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
    DRV - [2003/01/10 14:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
    DRV - [2001/08/17 06:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    O1 HOSTS File: ([2010/10/30 20:09:47 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\WINDOWS\system32\bae.dll (Gateway Inc.)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O4 - HKLM..\Run: [AOL Spyware Protection] C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe ()
    O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1282796920\EE\AOLHostManager.exe (America Online, Inc.)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
    O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
    O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Java Plug-in 1.5.0_02)
    O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Java Plug-in 1.5.0_02)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\emachines.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\emachines.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2004/08/26 11:04:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2007/10/27 19:03:16 | 000,000,060 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2003/08/08 17:24:26 | 000,000,045 | -HS- | M] () - E:\autorun.inf.aug.8 -- [ FAT32 ]
    O32 - AutoRun File - [2004/09/13 12:15:24 | 000,000,053 | -HS- | M] () - E:\AUTORUN.FCB -- [ FAT32 ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found

    Drivers32: msacm.clmp3enc - C:\Program Files\CyberLink\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (54619756233228288)

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/10/30 21:30:34 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
    [2010/10/30 20:14:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
    [2010/10/30 14:22:00 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2010/10/30 13:37:30 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2010/10/30 13:37:29 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2010/10/30 13:37:28 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2010/10/30 13:37:28 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2010/10/30 13:35:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2010/10/30 13:17:56 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/10/27 20:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
    [2010/10/27 20:03:35 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010/10/27 20:03:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010/10/27 20:03:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010/10/27 20:03:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/10/27 19:31:44 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
    [2010/10/27 19:25:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Sun
    [2010/10/27 18:47:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
    [2010/10/27 08:04:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
    [2010/10/21 17:38:27 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
    [2010/10/13 14:11:16 | 000,000,000 | ---D | C] -- C:\Program Files\coolpro2
    [2010/10/08 22:45:34 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
    [2010/10/06 14:14:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
    [2010/10/06 13:55:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
    [2010/10/05 21:38:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
    [2010/10/04 19:47:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
    [2010/10/04 19:39:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    [2010/10/04 19:37:25 | 000,000,000 | R--D | C] -- C:\MSOCache
    [2010/10/04 19:28:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
    [2010/10/04 18:52:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Google
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/10/31 00:08:38 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/10/30 21:37:29 | 000,030,277 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2010/10/30 21:36:53 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010/10/30 21:35:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/10/30 21:35:39 | 1575,473,152 | -HS- | M] () -- C:\hiberfil.sys
    [2010/10/30 21:30:39 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
    [2010/10/30 20:09:47 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2010/10/30 17:44:19 | 000,085,504 | ---- | M] () -- C:\WINDOWS\MBR.exe
    [2010/10/30 15:34:39 | 003,896,496 | R--- | M] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
    [2010/10/30 14:22:47 | 000,000,316 | RHS- | M] () -- C:\boot.ini
    [2010/10/30 09:54:45 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MBRCheck.exe
    [2010/10/27 20:03:38 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/10/27 18:42:14 | 000,432,686 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/10/27 18:42:14 | 000,067,516 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/10/27 18:33:30 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/10/21 21:38:30 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
    [2010/10/19 16:00:08 | 000,294,912 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\gmer.exe
    [2010/10/06 14:19:03 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2010/10/06 14:19:00 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2010/10/05 21:51:58 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/10/05 18:31:03 | 000,274,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/10/04 19:31:09 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/10/30 21:35:37 | 1575,473,152 | -HS- | C] () -- C:\hiberfil.sys
    [2010/10/30 14:22:44 | 000,000,199 | ---- | C] () -- C:\Boot.bak
    [2010/10/30 14:22:29 | 000,260,272 | RHS- | C] () -- C:\cmldr
    [2010/10/30 13:37:30 | 000,085,504 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2010/10/30 13:37:29 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2010/10/30 13:37:29 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2010/10/30 13:37:29 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2010/10/30 13:37:28 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2010/10/30 13:10:52 | 003,896,496 | R--- | C] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
    [2010/10/30 09:54:44 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MBRCheck.exe
    [2010/10/30 09:38:39 | 000,294,912 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.exe
    [2010/10/27 20:03:38 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/10/21 21:38:29 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
    [2010/10/05 21:34:26 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/09/28 20:11:56 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
    [2010/08/25 22:43:15 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/08/25 21:24:02 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
    [2010/08/25 21:23:40 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
    [2010/08/25 21:16:00 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
    [2006/02/01 01:58:31 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
    [2006/02/01 01:58:30 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
    [2006/02/01 01:58:29 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
    [2006/02/01 01:58:27 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
    [2006/02/01 01:58:27 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
    [2006/02/01 01:58:27 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
    [2006/02/01 01:58:23 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
    [2004/08/27 03:50:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2004/08/26 09:12:43 | 000,001,420 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
    [2004/08/26 09:12:43 | 000,000,485 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
    [2004/08/26 03:54:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

    ========== LOP Check ==========

    [2010/08/29 13:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2010/10/27 08:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
    [2010/10/05 20:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
    [2010/08/25 21:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2005/01/03 19:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2010/08/26 21:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\NCH Swift Sound
    [2010/08/25 21:28:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
    [2010/10/21 21:38:30 | 000,000,280 | ---- | M] () -- C:\WINDOWS\Tasks\wavepadShakeIcon.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2010/08/25 21:24:46 | 000,000,189 | ---- | M] () -- C:\audio.log
    [2004/08/26 11:04:39 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010/08/29 13:34:41 | 000,000,199 | ---- | M] () -- C:\Boot.bak
    [2010/10/30 14:22:47 | 000,000,316 | RHS- | M] () -- C:\boot.ini
    [2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
    [2010/10/30 20:14:08 | 000,010,194 | ---- | M] () -- C:\ComboFix.txt
    [2004/08/26 11:04:39 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2010/10/30 21:35:39 | 1575,473,152 | -HS- | M] () -- C:\hiberfil.sys
    [2004/08/26 11:04:39 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2010/08/25 21:30:40 | 000,001,078 | -H-- | M] () -- C:\IPH.PH
    [2010/08/25 21:11:39 | 000,000,086 | ---- | M] () -- C:\lan.log
    [2010/08/25 20:37:37 | 000,000,064 | ---- | M] () -- C:\MOVE_RECOVERY
    [2004/08/26 11:04:39 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2004/08/04 12:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2004/08/04 12:00:00 | 000,250,032 | RHS- | M] () -- C:\ntldr
    [2010/08/25 21:25:24 | 000,000,086 | ---- | M] () -- C:\nvida.log
    [2004/12/31 22:23:54 | 001,111,862 | ---- | M] () -- C:\OTL.Txt
    [2010/10/30 21:35:34 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
    [2010/10/24 17:11:12 | 000,000,508 | ---- | M] () -- C:\rapport.txt
    [2010/10/23 17:06:19 | 000,000,498 | ---- | M] () -- C:\RootRepeal report 10-23-10 (17-06-19).txt
    [2010/08/25 21:05:02 | 000,000,002 | RHS- | M] () -- C:\USER

    < %systemroot%\Fonts\*.com >
    [2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2004/08/04 12:00:00 | 000,000,067 | ---- | M] () -- C:\WINDOWS\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2008/07/06 05:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    [2004/03/22 15:17:06 | 000,025,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
    [2008/07/06 03:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >
    [2010/09/07 08:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >
    [2004/08/26 03:53:19 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2004/08/26 03:53:18 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2004/08/26 03:53:18 | 000,864,256 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
    [2004/08/26 11:04:46 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2004/08/26 11:09:50 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
    [2004/08/26 11:09:49 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

    < %USERPROFILE%\Desktop\*.exe >
    [2010/10/30 15:34:39 | 003,896,496 | R--- | M] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
    [2010/10/19 16:00:08 | 000,294,912 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\gmer.exe
    [2010/10/30 09:54:45 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MBRCheck.exe
    [2010/10/30 21:30:39 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2004/08/26 11:09:49 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Owner\Favorites\Desktop.ini
    [2010/08/26 21:58:06 | 000,000,236 | ---- | M] () -- C:\Documents and Settings\Owner\Favorites\NCH Audio and Telephony Software.lnk

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >
    [2010/10/30 21:37:31 | 000,049,152 | -HS- | M] () -- C:\Documents and Settings\Owner\Cookies\index.dat

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >
    [2004/08/11 01:45:04 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >
    [2004/08/04 12:00:00 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
    [2004/08/04 08:06:34 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
    [2004/08/04 08:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
    [2008/05/02 07:22:02 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
    [2004/08/04 08:06:34 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
    [2004/10/13 09:24:37 | 001,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
    [2004/08/04 08:06:36 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
    [2004/08/04 08:06:36 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
    [2004/08/04 08:06:36 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
    [2004/08/04 08:06:36 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
    [2004/08/04 08:06:36 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >


    < End of report >
  2. elseco60 Newcomer, in training

    OTL Extras logfile created on: 10/30/2010 9:45:02 PM - Run 1
    OTL by OldTimer - Version 3.2.17.1 Folder = C:\Documents and Settings\Owner\Desktop
    Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 69.00% Memory free
    3.00 Gb Paging File | 3.00 Gb Available in Paging File | 88.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 88.72 Gb Total Space | 1.21 Gb Free Space | 1.36% Space Free | Partition Type: NTFS
    Drive D: | 74.53 Gb Total Space | 14.91 Gb Free Space | 20.00% Space Free | Partition Type: NTFS
    Drive E: | 4.43 Gb Total Space | 2.31 Gb Free Space | 52.21% Space Free | Partition Type: FAT32

    Computer Name: THECRAZY | User Name: Owner | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde File not found
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader -- (America Online, Inc.)
    "C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- (America Online, Inc.)
    "C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon -- (America Online, Inc)
    "C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed -- (America Online Inc)
    "C:\Program Files\Common Files\AOL\1282796920\EE\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1282796920\EE\AOLServiceHost.exe:*:Enabled:AOL -- (America Online, Inc.)
    "C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL -- (America Online Inc.)
    "C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL -- ()
    "C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL -- (AOL Spyware Protection)
    "C:\My Backup -- 10-08-25 0837PM\Program Files\FrostWire\FrostWire.exe" = C:\My Backup -- 10-08-25 0837PM\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
    "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite eMachines
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Solution
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{267AB309-8021-4CAE-9698-D9A0BEEF7FBA}" = Paint.NET v3.0
    "{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes
    "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
    "{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
    "{5D95AD35-368F-47D5-B63A-A082DDF00111}" = Microsoft Digital Image Starter Edition 2006 Editor
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
    "{691F4068-81BF-49E3-B32E-FE3E16400111}" = Microsoft Digital Image Starter Edition 2006 Library
    "{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
    "{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
    "{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
    "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
    "{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
    "{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
    "{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
    "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
    "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "America Online us" = America Online (Choose which version to remove)
    "AOL Spyware Protection" = AOL Spyware Protection
    "avast5" = avast! Free Antivirus
    "CCleaner" = CCleaner
    "ie8" = Windows Internet Explorer 8
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Money2006b" = Microsoft Money 2006
    "NVIDIA Drivers" = NVIDIA Drivers
    "PictureItSuiteTrial_v11" = Microsoft Digital Image Starter Edition 2006
    "RealPlayer 6.0" = RealPlayer Basic
    "SMALLBUSINESSR" = Microsoft Office Small Business 2007
    "Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.4
    "ViewpointMediaPlayer" = Viewpoint Media Player
    "WavePad" = WavePad Sound Editor
    "WIC" = Windows Imaging Component
    "Windows Media Format Runtime" = Windows Media Format Runtime
    "Windows Media Player" = Windows Media Player 10
    "WinRAR archiver" = WinRAR archiver
    "Yahoo! Companion" = Yahoo! Toolbar

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 9/28/2010 11:10:04 PM | Computer Name = THECRAZY | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
    module searchtoolbar.dll, version 1.1.0.6, fault address 0x00009e1e.

    Error - 9/28/2010 11:10:51 PM | Computer Name = THECRAZY | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
    module searchtoolbar.dll, version 1.1.0.6, fault address 0x00009e1e.

    Error - 9/29/2010 12:39:30 AM | Computer Name = THECRAZY | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
    module searchtoolbar.dll, version 1.1.0.6, fault address 0x00009dd2.

    Error - 1/4/2005 1:06:46 AM | Computer Name = THECRAZY | Source = Application Error | ID = 1000
    Description = Faulting application quickcam.exe, version 0.0.0.0, faulting module
    , version 0.0.0.0, fault address 0x00000000.

    Error - 1/4/2005 1:06:52 AM | Computer Name = THECRAZY | Source = Application Error | ID = 1000
    Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
    dbghelp.dll, version 5.1.2600.2180, fault address 0x0001295d.

    Error - 1/4/2005 1:08:49 AM | Computer Name = THECRAZY | Source = Application Hang | ID = 1002
    Description = Hanging application Quickcam.exe, version 0.0.0.0, hang module hungapp,
    version 0.0.0.0, hang address 0x00000000.

    Error - 1/4/2005 1:30:17 AM | Computer Name = THECRAZY | Source = Application Error | ID = 1000
    Description = Faulting application quickcam.exe, version 11.80.1065.0, faulting
    module quickcam.exe, version 11.80.1065.0, fault address 0x000426ca.

    Error - 1/4/2005 1:44:21 AM | Computer Name = THECRAZY | Source = Application Hang | ID = 1002
    Description = Hanging application Quickcam.exe, version 11.80.1065.0, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.


    < End of report >
  3. Broni Malware Annihilator

    One of the reasons your computer is slow is this:
    You must start moving stuff out of drive C immediately, or it may not boot at all one day.

    ==========================================================================

    Update your Java version here: http://www.java.com/en/download/installed.jsp

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

    Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

    Now, we need to remove old Java version and its remnants...

    Download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.

    =====================================================================

    OTL log looks perfectly clean, so...

    Last scans...

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    3. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • IMPORTANT! UN-check Remove found threats
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push List of found threats
    • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE. If Eset won't find any threats, it won't produce any log.
  4. elseco60 Newcomer, in training

    hi broni
    did you have time to look at my last post
    i am really desperate for help can you please tell me what is my next step
    and i thank you for your time
    pardon me for my english
  5. Broni Malware Annihilator

    I posted instructions for you.
    Didn't you read them?
    Look at my previous reply.
  6. elseco60 Newcomer, in training

    hi broni
    securitycheck log
    Results of screen317's Security Check version 0.99.5
    Windows XP Service Pack 3
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Enabled!
    avast! Free Antivirus
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    CCleaner
    Java(TM) 6 Update 22
    Out of date Java installed!
    Adobe Flash Player
    Adobe Reader 7.0
    Out of date Adobe Reader installed!
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Alwil Software Avast5 AvastSvc.exe
    ````````````````````````````````
    DNS Vulnerability Check:

    Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?)

    ``````````End of Log````````````
  7. Broni Malware Annihilator

    Update Adobe Reader

    You can download it from http://www.adobe.com/products/acrobat/readstep2.html
    After installing the latest Adobe Reader, uninstall all previous versions.
    Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

    Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader(3.5MB) from HERE.
    It's a much smaller file to download and uses a lot less resources than Adobe Reader.
    Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or other garbage.
    On this page, make sure you have both boxes UN-checked AND (important!) click on the Decline button.
  8. elseco60 Newcomer, in training

    hi broni computer is a little bit better but still give me a bsod at shutdown
    here is the eset scan
    C:\My Backup -- 10-08-25 0837PM\Program Files\Image-Line\FL Studio 8\Plugins\Fruity\Generators\Toxic Biohazard\Toxic Biohazard.dll probably a variant of Win32/Delf.LQXDKYX trojan
    D:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\ASP130.tmp\aspapp\setup.exe probably a variant of Win32/Agent.MWCCTSP trojan
    D:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\ASP19C.tmp\aspapp\setup.exe probably a variant of Win32/Agent.MWCCTSP trojan
    D:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install\6.1.32.1\setup.exe probably a variant of Win32/Agent.HZHBURL trojan
    D:\Documents and Settings\Mario\Desktop\Unused Desktop Shortcuts\dvdsetup.exe probably a variant of Win32/Adware.SearchIt.AA application
    D:\Program Files\Error Repair Professional\autostart.exe Win32/Adware.ErrorRepairPro application
  9. Broni Malware Annihilator

    We'll get back to it in a moment.

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      
      :Services
      
      :Reg
      
      :Files
      C:\My Backup -- 10-08-25 0837PM\Program Files\Image-Line\FL Studio 8\Plugins\Fruity\Generators\Toxic Biohazard\Toxic Biohazard.dll 
      D:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\ASP130.tmp\aspapp\setup.exe 
      D:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\ASP19C.tmp\aspapp\setup.exe 
      D:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install\6.1.32.1\setup.exe 
      D:\Documents and Settings\Mario\Desktop\Unused Desktop Shortcuts\dvdsetup.exe 
      D:\Program Files\Error Repair Professional\autostart.exe
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    ======================================================================

    Your computer is clean

    1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

    Run OTL

    • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    Code:
    :OTL
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post resulting log.

    2. Now, we'll remove all tools, we used during our cleaning process

    Clean up with OTL:

    • Double-click OTL.exe to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    3. Make sure, Windows Updates are current.

    4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

    5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    7. Run Temporary File Cleaner (TFC) weekly.

    8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    10. Run defrag at your convenience.

    11. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    12. Please, let me know, how is your computer doing.
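Added example (not part of the original thread, and not code from ESET or OTL): a small parser for the ESET export lines posted above that separates heuristic hits ("probably a variant of") from exact signature matches and emits the path list in the shape of the `:Files` section used in the reply. The line layout is assumed from the six lines in the thread, and all function names are hypothetical.

```python
import re
from dataclasses import dataclass

# Sample input: the six detection lines from the ESET export posted in the thread.
SAMPLE_EXPORT = r"""
C:\My Backup -- 10-08-25 0837PM\Program Files\Image-Line\FL Studio 8\Plugins\Fruity\Generators\Toxic Biohazard\Toxic Biohazard.dll probably a variant of Win32/Delf.LQXDKYX trojan
D:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\ASP130.tmp\aspapp\setup.exe probably a variant of Win32/Agent.MWCCTSP trojan
D:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\ASP19C.tmp\aspapp\setup.exe probably a variant of Win32/Agent.MWCCTSP trojan
D:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install\6.1.32.1\setup.exe probably a variant of Win32/Agent.HZHBURL trojan
D:\Documents and Settings\Mario\Desktop\Unused Desktop Shortcuts\dvdsetup.exe probably a variant of Win32/Adware.SearchIt.AA application
D:\Program Files\Error Repair Professional\autostart.exe Win32/Adware.ErrorRepairPro application
"""

# Assumed layout: <drive path> [probably a variant of] <Platform/Name> <category>.
# Windows paths cannot contain "/", so the first token with a "/" is the detection name.
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+"
    r"(?P<heur>probably a variant of\s+)?"
    r"(?P<name>\S+/\S+)\s+"
    r"(?P<kind>\w+)\s*$"
)


@dataclass(frozen=True)
class Finding:
    path: str        # full path of the flagged file
    name: str        # detection name, e.g. Win32/Agent.MWCCTSP
    kind: str        # last word of the line (trojan, application, ...)
    heuristic: bool  # True when ESET only reports "probably a variant of"


def parse_eset_export(text):
    """Return (findings, rejected_lines); lines that do not match are kept aside, not guessed."""
    findings, rejected = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            rejected.append(line)
            continue
        findings.append(
            Finding(m["path"].rstrip(), m["name"], m["kind"], m["heur"] is not None)
        )
    return findings, rejected


def split_by_confidence(findings):
    """Group findings into exact signature hits and heuristic ones for manual review."""
    groups = {"signature": [], "heuristic": []}
    for f in findings:
        groups["heuristic" if f.heuristic else "signature"].append(f)
    return groups


def build_otl_files_section(findings):
    """Emit a ':Files' block: one path per line, de-duplicated, no trailing whitespace."""
    seen, lines = set(), [":Files"]
    for f in findings:
        key = f.path.lower()  # Windows paths are case-insensitive
        if key not in seen:
            seen.add(key)
            lines.append(f.path)
    return "\n".join(lines)


if __name__ == "__main__":
    found, skipped = parse_eset_export(SAMPLE_EXPORT)
    for label, items in split_by_confidence(found).items():
        print(f"{label}: {len(items)}")
        for f in items:
            print(f"  {f.name:32} {f.kind:12} {f.path}")
    if skipped:
        print("unparsed lines:", skipped)
    print(build_otl_files_section(found))
```
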
  10. elseco60 Newcomer, in training

    thank you for your help here is the otl log
    All processes killed
    ========== OTL ==========
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== OTL ==========
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    C:\My Backup -- 10-08-25 0837PM\Program Files\Image-Line\FL Studio 8\Plugins\Fruity\Generators\Toxic Biohazard\Toxic Biohazard.dll moved successfully.
    D:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\ASP130.tmp\aspapp\setup.exe moved successfully.
    D:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\ASP19C.tmp\aspapp\setup.exe moved successfully.
    D:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install\6.1.32.1\setup.exe moved successfully.
    D:\Documents and Settings\Mario\Desktop\Unused Desktop Shortcuts\dvdsetup.exe moved successfully.
    D:\Program Files\Error Repair Professional\autostart.exe moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: All Users

    User: Bryan
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Jackie
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Maio
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Owner
    ->Temp folder emptied: 20866401 bytes
    ->Temporary Internet Files folder emptied: 277879338 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 790 bytes

    User: Walter
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 851968 bytes
    %systemroot%\System32\dllcache .tmp files removed: 240640 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 316594 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 286.00 mb


    [EMPTYFLASH]

    User: Administrator

    User: All Users

    User: Bryan
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Jackie
    ->Flash cache emptied: 0 bytes

    User: LocalService

    User: Maio

    User: NetworkService

    User: Owner
    ->Flash cache emptied: 0 bytes

    User: Walter
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb

    Error: Unable to interpret <C:\My Backup -- 10-08-25 0837PM\Program Files\Image-Line\FL Studio 8\Plugins\Fruity\Generators\Toxic Biohazard\Toxic Biohazard.dll > in the current context!
    Error: Unable to interpret <D:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\ASP130.tmp\aspapp\setup.exe > in the current context!
    Error: Unable to interpret <D:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\ASP19C.tmp\aspapp\setup.exe > in the current context!
    Error: Unable to interpret <D:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install\6.1.32.1\setup.exe > in the current context!
    Error: Unable to interpret <D:\Documents and Settings\Mario\Desktop\Unused Desktop Shortcuts\dvdsetup.exe > in the current context!
    Error: Unable to interpret <D:\Program Files\Error Repair Professional\autostart.exe> in the current context!
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: All Users

    User: Bryan
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Jackie
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Maio
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Owner
    ->Temp folder emptied: 128512 bytes
    ->Temporary Internet Files folder emptied: 1505790 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Walter
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 2.00 mb


    [EMPTYFLASH]

    User: Administrator

    User: All Users

    User: Bryan
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Jackie
    ->Flash cache emptied: 0 bytes

    User: LocalService

    User: Maio

    User: NetworkService

    User: Owner
    ->Flash cache emptied: 0 bytes

    User: Walter
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.17.1 log created on 11042010_200149

    Files\Folders moved on Reboot...
    File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\~DF80C6.tmp not found!
    File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\~DF80D1.tmp not found!
    File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\~DF8129.tmp not found!
    File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\~DF8134.tmp not found!
    File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\~DF8164.tmp not found!
    File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\~DF816F.tmp not found!
    C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\Q9SLMU8N\sh26[1].html moved successfully.
    C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\EFDLK32W\crosspixel-dest[1].htm moved successfully.
    C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\3BA7ZI94\4958588[1].htm moved successfully.
    C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\3BA7ZI94\topic155426-2[3].html moved successfully.
    C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
    File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\~DF4036.tmp not found!
    File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\~DFD4AE.tmp not found!

    Registry entries deleted on Reboot...
  11. Broni Malware Annihilator

    When you're done with all steps...

    Download BlueScreenView (in a Zip file).
    No installation required.
    Unzip the downloaded file and double-click the BlueScreenView.exe file to run the program.
    When scanning is done, go to Edit > Select All.
    Go to File > Save Selected Items, and save the report as BSOD.txt.
    Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.
  12. elseco60 Newcomer, in training

    otl log
    All processes killed
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: All Users

    User: Bryan
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Jackie
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Maio
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Owner
    ->Temp folder emptied: 99840 bytes
    ->Temporary Internet Files folder emptied: 2405637 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 790 bytes

    User: Walter
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 90 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 2.00 mb


    [EMPTYFLASH]

    User: Administrator

    User: All Users

    User: Bryan
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Jackie
    ->Flash cache emptied: 0 bytes

    User: LocalService

    User: Maio

    User: NetworkService

    User: Owner
    ->Flash cache emptied: 0 bytes

    User: Walter
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb

    Restore points cleared and new OTL Restore Point set!

    OTL by OldTimer - Version 3.2.17.1 log created on 11042010_201444

    Files\Folders moved on Reboot...
    File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\~DFAF90.tmp not found!
    File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\~DFAFA6.tmp not found!
    File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\~DFB065.tmp not found!
    File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\~DFB0D8.tmp not found!
    File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\~DFB282.tmp not found!
    File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\~DFB322.tmp not found!
    C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\RNBZRHW6\sh26[1].html moved successfully.
    C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\MBIL9F44\topic155426-2[1].html moved successfully.
    File\Folder C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GOCHWZ40\6298354[1].htm not found!
    C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GOCHWZ40\crosspixel-dest[1].htm moved successfully.
    C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
    File\Folder C:\WINDOWS\temp\_avast5_\Webshlock.txt not found!

    Registry entries deleted on Reboot...
  13. elseco60 Newcomer, in training

    ==================================================
    Dump File : Mini110410-01.dmp
    Crash Time : 11/4/2010 7:04:13 AM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000098
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini110410-01.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini110310-04.dmp
    Crash Time : 11/3/2010 8:18:48 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000098
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini110310-04.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini110310-03.dmp
    Crash Time : 11/3/2010 8:05:13 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000098
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini110310-03.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini110310-02.dmp
    Crash Time : 11/3/2010 7:20:41 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000098
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini110310-02.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini110310-01.dmp
    Crash Time : 11/3/2010 6:30:46 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000098
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini110310-01.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini110210-09.dmp
    Crash Time : 11/2/2010 8:32:55 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000120
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini110210-09.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini110210-08.dmp
    Crash Time : 11/2/2010 8:21:38 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000120
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini110210-08.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini110210-07.dmp
    Crash Time : 11/2/2010 8:17:01 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000120
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini110210-07.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini110210-06.dmp
    Crash Time : 11/2/2010 8:11:17 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000120
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini110210-06.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini110210-05.dmp
    Crash Time : 11/2/2010 8:03:58 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000098
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini110210-05.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini110210-04.dmp
    Crash Time : 11/2/2010 8:00:02 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000120
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini110210-04.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini110210-03.dmp
    Crash Time : 11/2/2010 7:48:59 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000124
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini110210-03.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini110210-02.dmp
    Crash Time : 11/2/2010 6:55:00 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000098
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini110210-02.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini110210-01.dmp
    Crash Time : 11/2/2010 6:22:11 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000098
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini110210-01.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini110110-03.dmp
    Crash Time : 11/1/2010 11:00:39 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000098
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini110110-03.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini110110-02.dmp
    Crash Time : 11/1/2010 7:40:50 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000098
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini110110-02.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini110110-01.dmp
    Crash Time : 11/1/2010 7:21:18 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000098
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini110110-01.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini103110-05.dmp
    Crash Time : 10/31/2010 9:26:25 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000098
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini103110-05.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini103110-04.dmp
    Crash Time : 10/31/2010 9:17:20 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000098
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini103110-04.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini103110-03.dmp
    Crash Time : 10/31/2010 9:07:18 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000098
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini103110-03.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini103110-02.dmp
    Crash Time : 10/31/2010 12:31:01 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000078
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini103110-02.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini103110-01.dmp
    Crash Time : 10/31/2010 10:50:12 AM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000078
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini103110-01.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini103010-04.dmp
    Crash Time : 10/30/2010 7:43:07 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000078
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini103010-04.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini103010-03.dmp
    Crash Time : 10/30/2010 3:31:45 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00003f54
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : PROCEXP113.SYS
    Caused By Address : PROCEXP113.SYS+8a8
    File Description :
    Product Name :
    Company :
    File Version :
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini103010-03.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini103010-02.dmp
    Crash Time : 10/30/2010 10:03:23 AM
    Bug Check String : PAGE_FAULT_IN_FREED_SPECIAL_POOL
    Bug Check Code : 0x100000cc
    Parameter 1 : 0x9c80efec
    Parameter 2 : 0x00000000
    Parameter 3 : 0x8052ab63
    Parameter 4 : 0x00000001
    Caused By Driver : kwtiipog.sys
    Caused By Address : kwtiipog.sys+791e
    File Description :
    Product Name :
    Company :
    File Version :
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini103010-02.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini103010-01.dmp
    Crash Time : 10/30/2010 9:22:04 AM
    Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
    Bug Check Code : 0x10000050
    Parameter 1 : 0xfa33900b
    Parameter 2 : 0x00000000
    Parameter 3 : 0xb99e737d
    Parameter 4 : 0x00000000
    Caused By Driver : kwtiipog.sys
    Caused By Address : kwtiipog.sys+c37d
    File Description :
    Product Name :
    Company :
    File Version :
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini103010-01.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini102910-02.dmp
    Crash Time : 10/29/2010 7:00:21 PM
    Bug Check String : DRIVER_PAGE_FAULT_IN_FREED_SPECIAL_POOL
    Bug Check Code : 0x100000d5
    Parameter 1 : 0x9890af6c
    Parameter 2 : 0x00000000
    Parameter 3 : 0xb3b89e64
    Parameter 4 : 0x00000000
    Caused By Driver : kwtiipog.sys
    Caused By Address : kwtiipog.sys+7e64
    File Description :
    Product Name :
    Company :
    File Version :
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini102910-02.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini102910-01.dmp
    Crash Time : 10/29/2010 8:13:06 AM
    Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
    Bug Check Code : 0x1000008e
    Parameter 1 : 0xc0000005
    Parameter 2 : 0x8ee74e00
    Parameter 3 : 0xa6e66a90
    Parameter 4 : 0x00000000
    Caused By Driver :
    Caused By Address :
    File Description :
    Product Name :
    Company :
    File Version :
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini102910-01.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini102810-02.dmp
    Crash Time : 10/28/2010 6:21:23 PM
    Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
    Bug Check Code : 0x10000050
    Parameter 1 : 0xba4c2b24
    Parameter 2 : 0x00000001
    Parameter 3 : 0xb9b4f389
    Parameter 4 : 0x00000000
    Caused By Driver : kwtiipog.sys
    Caused By Address : kwtiipog.sys+c389
    File Description :
    Product Name :
    Company :
    File Version :
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini102810-02.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini102810-01.dmp
    Crash Time : 10/28/2010 7:11:20 AM
    Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
    Bug Check Code : 0x10000050
    Parameter 1 : 0xb97f9b24
    Parameter 2 : 0x00000001
    Parameter 3 : 0xb90ff389
    Parameter 4 : 0x00000000
    Caused By Driver : kwtiipog.sys
    Caused By Address : kwtiipog.sys+c389
    File Description :
    Product Name :
    Company :
    File Version :
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini102810-01.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================

    ==================================================
    Dump File : Mini102710-01.dmp
    Crash Time : 10/27/2010 6:43:58 PM
    Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
    Bug Check Code : 0x000000c4
    Parameter 1 : 0x0000003c
    Parameter 2 : 0x00000078
    Parameter 3 : 0x00000000
    Parameter 4 : 0x00000000
    Caused By Driver : aswSP.SYS
    Caused By Address : aswSP.SYS+6dba
    File Description : avast! self protection module
    Product Name : avast! Antivirus System
    Company : AVAST Software
    File Version : 5.0.677.0
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini102710-01.dmp
    Processors Count : 1
    Major Version : 15
    Minor Version : 2600
    ==================================================
  14. Broni Malware Annihilator

    It looks like Avast is giving you BSODs.

    Try to reinstall it.

    Any other current issues?
  15. elseco60 Newcomer, in training

    Thank you for your help, I really appreciate it.
    Computer is working like new.
    Thank you X1000.
  16. Broni Malware Annihilator

    Excellent!