Solved Redirect when clicking on links. 8 steps completed

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=038a1bd4e531714cb03f2736e91128cd
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-08-04 02:11:07
# local_time=2010-08-03 10:11:07 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=768 16777215 100 0 10520 10520 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=73315
# found=0
# cleaned=0
# scan_time=2201




Thanks for your help!

I know yall have plenty of people to help and I really appreciate you doing so, but is there any update on my situation? Thanks again!

Message from Bobbye:

Due to family matters that require my time and efforts, I am unable to continue helping with malware cleaning at this time. If and when these matters are resolved, I will return to the board.

Since the only other helper in the Virus and Malware forum is Broni, I will ask him to pickup the open threads I have going, if and when he can.

Click to expand...

========================================================================

How is redirection issue?

the redirection issue is solved. What I need to know now is whether it is safe to resume accessing things like my bank account online and also purchasing with credit card numbers and the like. Thanks for your help! I know you must be very busy.

Your computer was infected with all kind of trojans and we're not done with checking, yet, so...

1. Using another healthy computer, change all your sensitive passwords, immediately. Phone call to your bank would be a good idea too.
2. Do NOT use this computer for any sensitive operations, yet.

========================================================================

Uninstall Combofix:
Go Start > Run [Vista users, go Start>"Start search"]
Type in:
Combofix /Uninstall
Note the space between the "Combofix" and the "/Uninstall"
Click OK (Vista users - press Enter).
Restart computer.

================================================================

Download OTL to your Desktop.

* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
* Under the Custom Scan box paste this in:



netsvcs
drivers32 /all
%SYSTEMDRIVE%\*.*
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\system32\*.wt
%systemroot%\system32\*.ruy
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\system32\spool\prtprocs\w32x86\*.tmp
%systemroot%\*. /mp /s
/md5start
/md5stop
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\user32.dll /md5
%systemroot%\system32\ws2_32.dll /md5
%systemroot%\system32\ws2help.dll /md5
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs



* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

Thanks guys, sorry I was a away for a bit. Still want to get this figured out. I am also having some mouse troubles, it will not click or double clicks when it is unwanted. I don't know if this is related or not but thought I would mention it.

OTL logfile created on: 8/18/2010 8:28:28 AM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Peter Malanos\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 79.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.07 Gb Total Space | 37.97 Gb Free Space | 53.43% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PETER
Current User Name: Peter Malanos
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/08/18 08:25:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Peter Malanos\Desktop\OTL.exe
PRC - [2010/06/28 16:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008/04/24 14:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
PRC - [2008/04/24 14:25:22 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
PRC - [2007/12/30 06:23:34 | 001,365,504 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/31 17:38:22 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\acs\AOLacsd.exe
PRC - [2006/09/25 20:52:48 | 000,050,736 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\1182363942\ee\aolsoftware.exe
PRC - [2005/10/26 04:09:52 | 000,811,008 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2005/03/31 14:32:22 | 000,430,080 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
PRC - [2004/12/16 08:49:44 | 000,385,024 | ---- | M] () -- c:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
PRC - [2004/12/16 07:41:56 | 000,090,112 | ---- | M] (IBM Corp.) -- C:\IBMTOOLS\utils\ibmprc.exe
PRC - [2004/12/11 01:03:00 | 000,446,464 | ---- | M] (IBM) -- C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
PRC - [2004/07/27 17:48:04 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2002/09/20 19:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
PRC - [1998/09/04 03:09:08 | 000,119,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MDM.EXE


========== Modules (SafeList) ==========

MOD - [2010/08/18 08:25:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Peter Malanos\Desktop\OTL.exe
MOD - [2007/04/19 15:21:40 | 000,116,264 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprthook.dll
MOD - [2006/09/01 09:22:54 | 000,073,728 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\VirtualExpander\VEShellExt.dll
MOD - [2006/08/25 11:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004/08/04 09:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004/08/04 09:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\PsaSrv.exe -- (PsaSrv)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008/04/24 14:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2004/12/16 08:49:44 | 000,385,024 | ---- | M] () [Auto | Running] -- c:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe -- (IBM Rapid Restore Ultra Service)
SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2002/09/20 19:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\tclondrv.sys -- (tclondrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2010/06/28 16:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/06/28 16:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/06/28 16:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/06/28 16:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/06/28 16:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/06/28 16:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2006/12/26 08:54:35 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006/12/26 08:54:34 | 000,015,440 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2005/11/02 13:54:04 | 000,013,184 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2005/02/05 07:51:00 | 000,392,832 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2005/02/01 21:00:42 | 000,012,416 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PcdrNdisuio.sys -- (PcdrNdisuio)
DRV - [2004/12/16 08:12:20 | 000,063,616 | ---- | M] (IBM) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ibmfilter.sys -- (ibmfilter)
DRV - [2004/12/06 21:55:20 | 000,126,720 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/09/02 05:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/09/02 05:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/09/02 05:05:00 | 000,086,202 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/09/02 05:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/09/02 05:05:00 | 000,025,723 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/09/02 05:05:00 | 000,014,715 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/09/02 05:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/09/02 05:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/09/02 05:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/08/17 07:21:00 | 000,087,168 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/08/04 03:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/04 03:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/08/04 02:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/07/14 15:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 15:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/07/14 06:56:00 | 000,040,448 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/02/25 06:22:00 | 000,212,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/02/25 06:20:22 | 000,682,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/02/25 06:18:46 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/01/10 17:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/09/20 14:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
DRV - [2001/08/17 18:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 18:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 18:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 18:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 18:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 17:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 17:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 17:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 17:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 17:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 17:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 17:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 17:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 17:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 17:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 16:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM)
DRV - [2001/08/17 14:53:32 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qv2kux.sys -- (QV2KUX)
DRV - [2001/08/17 13:58:00 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hidbatt.sys -- (HidBatt)
DRV - [2000/06/01 00:29:54 | 000,007,012 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PMEMNT.SYS -- (PMEM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.weather.com/weather/local/29401?lswe=29401&lwsa=WeatherLocalUndeclared&from=whatwhere|http://autopia.org/forum/index.php?"
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {5F590AA2-1221-4113-A6F4-A4BB62414FAC}:0.44.18.20090408.3
FF - prefs.js..extensions.enabledItems: yetanothersmoothscrolling@kataho:2.0.20
FF - prefs.js..extensions.enabledItems: {7ef7f4d6-947d-11dc-8314-0800200c9a66}:3.0.1
FF - prefs.js..extensions.enabledItems: {c1dffba0-628e-11d9-9669-0800200c9a66}:3.0.4
FF - prefs.js..extensions.enabledItems: redshift_V2@shift-themes.com:2.95


FF - HKLM\software\mozilla\Flock\Extensions\\Plugins: C:\Program Files\Flock\flock\plugins [2010/08/03 08:16:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock\Extensions\\Components: C:\Program Files\Flock\flock\components [2009/12/19 11:55:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/13 07:37:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/03 08:16:16 | 000,000,000 | ---D | M]

[2009/04/28 09:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter Malanos\Application Data\Mozilla\Extensions
[2010/08/18 08:11:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter Malanos\Application Data\Mozilla\Firefox\Profiles\jna38tb1.default\extensions
[2008/04/22 12:46:14 | 000,000,000 | ---D | M] (Simple Green) -- C:\Documents and Settings\Peter Malanos\Application Data\Mozilla\Firefox\Profiles\jna38tb1.default\extensions\{13b4437e-b706-11dc-8314-0800200c9a66}
[2009/09/02 08:28:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Peter Malanos\Application Data\Mozilla\Firefox\Profiles\jna38tb1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/04/29 09:01:37 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Documents and Settings\Peter Malanos\Application Data\Mozilla\Firefox\Profiles\jna38tb1.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2009/04/29 09:01:36 | 000,000,000 | ---D | M] (SmoothWheel (mozdev.org)) -- C:\Documents and Settings\Peter Malanos\Application Data\Mozilla\Firefox\Profiles\jna38tb1.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}
[2010/08/03 11:31:41 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Peter Malanos\Application Data\Mozilla\Firefox\Profiles\jna38tb1.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/04/28 09:43:36 | 000,000,000 | ---D | M] (Abstract Zune) -- C:\Documents and Settings\Peter Malanos\Application Data\Mozilla\Firefox\Profiles\jna38tb1.default\extensions\{7ef7f4d6-947d-11dc-8314-0800200c9a66}
[2008/04/22 12:44:46 | 000,000,000 | ---D | M] (azureFox) -- C:\Documents and Settings\Peter Malanos\Application Data\Mozilla\Firefox\Profiles\jna38tb1.default\extensions\{800e72c4-0a2c-4bc5-a10a-1ee66dfd762a}
[2009/04/28 09:43:11 | 000,000,000 | ---D | M] (PitchDark) -- C:\Documents and Settings\Peter Malanos\Application Data\Mozilla\Firefox\Profiles\jna38tb1.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2009/02/18 22:59:30 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents

[2009/02/18 22:59:30 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Peter Malanos\Application Data\Mozilla\Firefox\Profiles\jna38tb1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/04/28 09:43:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter Malanos\Application Data\Mozilla\Firefox\Profiles\jna38tb1.default\extensions\redshift_V2@shift-themes.com
[2009/04/29 09:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter Malanos\Application Data\Mozilla\Firefox\Profiles\jna38tb1.default\extensions\yetanothersmoothscrolling@kataho
[2010/08/18 08:11:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/03 08:11:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/08/03 08:10:44 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/12/05 19:54:48 | 000,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2008/09/15 11:52:06 | 000,376,832 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll

O1 HOSTS File: ([2010/08/03 11:50:13 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [ddoctorv2] C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1182363942\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\\ibmmessages.exe ()
O4 - HKLM..\Run: [IBMPRC] c:\IBMTOOLS\utils\ibmprc.exe (IBM Corp.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UC_Start] C:\Program Files\IBM\Updater\\ucstartup.exe ()
O4 - HKLM..\Run: [UpdateManager] c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKCU..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe (IBM)
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\Peter Malanos\Start Menu\Programs\Startup\VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe (Sony Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.4.2/jinstall-142-win.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.68.166 68.87.74.166
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Peter Malanos\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Peter Malanos\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/11/27 02:35:23 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.iyuv - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)
Unable to start service SrService!

========== Files/Folders - Created Within 90 Days ==========

[2010/08/18 08:25:14 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Peter Malanos\Desktop\OTL.exe
[2010/08/10 15:53:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter Malanos\My Documents\F
[2010/08/10 15:42:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter Malanos\My Documents\Recipes
[2010/08/10 15:39:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter Malanos\My Documents\quickbooks backups
[2010/08/10 15:20:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter Malanos\My Documents\Arcadia Construction LLC
[2010/08/05 17:55:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter Malanos\Desktop\trying to cover this gigantic pale back
[2010/08/05 12:38:23 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/08/03 21:30:45 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/08/03 11:42:20 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/08/03 11:39:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/08/03 08:11:57 | 027,386,256 | ---- | C] ( ) -- C:\Documents and Settings\Peter Malanos\Desktop\AdbeRdr930_en_US.exe
[2010/08/03 08:11:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/08/02 18:35:44 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010/08/02 18:35:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/08/02 18:13:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Peter Malanos\Application Data\Malwarebytes
[2010/08/02 18:12:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/02 18:12:51 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/02 18:12:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/02 18:12:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/08/02 18:08:17 | 006,153,376 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Peter Malanos\Desktop\mbam-setup-1.46.exe
[2010/08/02 17:47:49 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Peter Malanos\Desktop\TFC.exe
[4 C:\Documents and Settings\Peter Malanos\My Documents\*.tmp files -> C:\Documents and Settings\Peter Malanos\My Documents\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/08/18 08:25:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Peter Malanos\Desktop\OTL.exe
[2010/08/18 08:14:21 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/08/18 08:14:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/18 08:02:22 | 000,067,404 | ---- | M] () -- C:\Documents and Settings\Peter Malanos\My Documents\Lot 20 Charlestown.pdf
[2010/08/16 08:53:36 | 000,059,682 | ---- | M] () -- C:\Documents and Settings\Peter Malanos\My Documents\Kendall Awning Quote.pdf
[2010/08/16 08:14:49 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/16 08:13:54 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/16 08:13:51 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/16 08:13:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/16 08:13:27 | 2406,010,880 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/16 08:12:13 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\Peter Malanos\NTUSER.DAT
[2010/08/16 08:12:13 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Peter Malanos\ntuser.ini
[2010/08/13 23:34:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/08/13 15:03:30 | 009,454,592 | ---- | M] () -- C:\Documents and Settings\Peter Malanos\My Documents\Monarch 2010 Thermal TEst Results.xls
[2010/08/13 15:03:30 | 009,454,592 | ---- | M] () -- C:\Documents and Settings\Peter Malanos\Desktop\Monarch 2010 Thermal TEst Results.xls
[2010/08/12 08:16:03 | 000,094,598 | ---- | M] () -- C:\Documents and Settings\Peter Malanos\Desktop\20100811133627045.pdf
[2010/08/11 19:14:42 | 000,001,824 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/08/10 20:10:05 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\Peter Malanos\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/10 16:06:40 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\Peter Malanos\My Documents\codes.doc
[2010/08/10 15:58:24 | 000,000,634 | ---- | M] () -- C:\Documents and Settings\Peter Malanos\Desktop\Shortcut (2) to Rainlendar-Lite-2.3.lnk
[2010/08/10 15:55:20 | 000,000,634 | ---- | M] () -- C:\Documents and Settings\Peter Malanos\Desktop\Shortcut to Rainlendar-Lite-2.3.lnk
[2010/08/10 14:56:24 | 000,068,276 | ---- | M] () -- C:\WINDOWS\hpoins05.dat
[2010/08/10 14:44:08 | 000,068,276 | ---- | M] () -- C:\WINDOWS\hpoins05.dat.temp
[2010/08/09 12:33:14 | 062,435,312 | ---- | M] () -- C:\Documents and Settings\Peter Malanos\Desktop\drv_rub_w01_ENU_NB.exe
[2010/08/03 21:30:28 | 002,672,312 | ---- | M] () -- C:\Documents and Settings\Peter Malanos\Desktop\esetsmartinstaller_enu.exe
[2010/08/03 11:50:47 | 000,000,284 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/03 11:50:13 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/08/03 11:42:25 | 000,000,254 | RHS- | M] () -- C:\BOOT.INI
[2010/08/03 11:27:09 | 000,372,191 | ---- | M] () -- C:\Documents and Settings\Peter Malanos\Desktop\20100802144157514.pdf
[2010/08/03 08:16:16 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/08/03 08:12:19 | 027,386,256 | ---- | M] ( ) -- C:\Documents and Settings\Peter Malanos\Desktop\AdbeRdr930_en_US.exe
[2010/08/02 21:42:40 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Peter Malanos\Desktop\n0tr6363.exe
[2010/08/02 18:36:04 | 000,001,711 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/08/02 18:36:03 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/08/02 18:32:09 | 054,835,272 | ---- | M] () -- C:\Documents and Settings\Peter Malanos\Desktop\setup_av_free.exe
[2010/08/02 18:12:55 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/02 18:09:01 | 006,153,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Peter Malanos\Desktop\mbam-setup-1.46.exe
[2010/08/02 17:47:50 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Peter Malanos\Desktop\TFC.exe
[2010/07/26 23:14:54 | 000,001,802 | ---- | M] () -- C:\Documents and Settings\Peter Malanos\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/06/28 16:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010/06/28 16:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/06/28 16:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/06/28 16:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/06/28 16:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/06/28 16:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/06/28 16:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/06/28 16:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/06/28 16:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/06/23 03:03:27 | 000,501,604 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/23 03:03:27 | 000,441,454 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/23 03:03:27 | 000,071,264 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/10 03:28:33 | 000,154,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/10 03:12:01 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[4 C:\Documents and Settings\Peter Malanos\My Documents\*.tmp files -> C:\Documents and Settings\Peter Malanos\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/18 08:20:51 | 009,454,592 | ---- | C] () -- C:\Documents and Settings\Peter Malanos\My Documents\Monarch 2010 Thermal TEst Results.xls
[2010/08/18 08:20:29 | 000,067,404 | ---- | C] () -- C:\Documents and Settings\Peter Malanos\My Documents\Lot 20 Charlestown.pdf
[2010/08/16 08:53:34 | 000,059,682 | ---- | C] () -- C:\Documents and Settings\Peter Malanos\My Documents\Kendall Awning Quote.pdf
[2010/08/13 15:03:23 | 009,454,592 | ---- | C] () -- C:\Documents and Settings\Peter Malanos\Desktop\Monarch 2010 Thermal TEst Results.xls
[2010/08/12 08:16:03 | 000,094,598 | ---- | C] () -- C:\Documents and Settings\Peter Malanos\Desktop\20100811133627045.pdf
[2010/08/10 15:58:24 | 000,000,634 | ---- | C] () -- C:\Documents and Settings\Peter Malanos\Desktop\Shortcut (2) to Rainlendar-Lite-2.3.lnk
[2010/08/10 15:55:20 | 000,000,634 | ---- | C] () -- C:\Documents and Settings\Peter Malanos\Desktop\Shortcut to Rainlendar-Lite-2.3.lnk
[2010/08/10 14:38:38 | 000,068,276 | ---- | C] () -- C:\WINDOWS\hpoins05.dat.temp
[2010/08/10 14:38:37 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat.temp
[2010/08/09 12:32:09 | 062,435,312 | ---- | C] () -- C:\Documents and Settings\Peter Malanos\Desktop\drv_rub_w01_ENU_NB.exe
[2010/08/03 21:30:19 | 002,672,312 | ---- | C] () -- C:\Documents and Settings\Peter Malanos\Desktop\esetsmartinstaller_enu.exe
[2010/08/03 11:42:25 | 000,000,184 | ---- | C] () -- C:\Boot.bak
[2010/08/03 11:42:22 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/08/03 11:27:08 | 000,372,191 | ---- | C] () -- C:\Documents and Settings\Peter Malanos\Desktop\20100802144157514.pdf
[2010/08/03 08:16:16 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/08/02 21:42:39 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Peter Malanos\Desktop\n0tr6363.exe
[2010/08/02 18:36:04 | 000,001,711 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/08/02 18:31:07 | 054,835,272 | ---- | C] () -- C:\Documents and Settings\Peter Malanos\Desktop\setup_av_free.exe
[2010/08/02 18:12:55 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/22 12:12:21 | 000,000,968 | ---- | C] () -- C:\Documents and Settings\Peter Malanos\Application Data\BBMS_EXCEPTION.txt
[2009/12/17 12:30:43 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\Execute.dll
[2009/12/17 12:30:42 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\utility3.dll
[2009/02/04 13:09:03 | 000,001,139 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/04/23 09:22:05 | 000,240,427 | ---- | C] () -- C:\Program Files\YzShadow.zip
[2007/09/08 11:50:24 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2007/08/18 21:17:30 | 000,001,460 | ---- | C] () -- C:\Program Files\DivX Movies.lnk
[2006/11/29 17:33:01 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/10/31 17:41:17 | 000,000,024 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/05/02 18:38:24 | 000,000,748 | ---- | C] () -- C:\WINDOWS\SetBrowser.ini
[2006/04/04 11:59:36 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Peter Malanos\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/02/02 18:57:27 | 000,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/01/17 18:30:56 | 000,002,199 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/11/30 22:55:27 | 000,000,022 | ---- | C] () -- C:\Program Files\comdlg32.zip
[2005/11/30 22:50:54 | 000,272,208 | ---- | C] () -- C:\Program Files\sharepod.zip
[2005/11/27 03:38:08 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/27 03:38:07 | 000,000,122 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/11/27 03:38:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2005/11/27 02:35:16 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Peter Malanos\Local Settings\Application Data\fusioncache.dat
[2005/11/14 20:57:41 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/11/14 20:57:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/11/14 20:57:41 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/11/14 20:57:40 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/11/14 20:57:40 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/11/14 20:57:39 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/11/02 14:30:26 | 000,002,481 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/02 14:00:30 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/11/02 13:59:46 | 000,005,126 | ---- | C] () -- C:\WINDOWS\System32\Setup2k.ini
[2005/11/02 13:59:46 | 000,000,296 | ---- | C] () -- C:\WINDOWS\System32\presetup.ini
[2005/11/02 13:59:44 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\FSRremoC.DLL
[2005/11/02 13:48:39 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/02/01 21:00:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2005/02/01 21:00:44 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/12/16 07:41:58 | 000,019,853 | ---- | C] () -- C:\WINDOWS\ibmprc.ini
[2004/11/08 21:12:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/09 17:34:32 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/01/09 10:10:32 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\AIBMRUNL.dll
[2003/04/10 19:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2010/08/02 18:35:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2005/11/02 13:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ibm
[2010/03/22 12:10:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2010/02/11 13:41:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/01/03 14:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2005/11/27 19:54:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/03/21 07:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/12/19 11:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2006/02/02 19:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter Malanos\Application Data\acccore
[2007/02/18 00:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter Malanos\Application Data\Flock
[2005/11/02 13:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter Malanos\Application Data\IBM
[2005/11/27 04:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter Malanos\Application Data\InterVideo
[2006/11/09 20:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter Malanos\Application Data\Opera
[2010/03/22 12:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter Malanos\Application Data\Research in Motion
[2006/06/12 22:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter Malanos\Application Data\Snapfish

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2005/12/07 16:42:23 | 000,010,920 | ---- | M] () -- C:\aolconnfix.exe
[2005/12/07 16:42:23 | 000,001,039 | ---- | M] () -- C:\aolconnfix.txt
[2005/11/27 02:35:23 | 000,000,000 | -H-- | M] () -- C:\AUTOEXEC.BAT
[2005/11/27 02:34:54 | 000,000,184 | ---- | M] () -- C:\Boot.bak
[2010/08/03 11:42:25 | 000,000,254 | RHS- | M] () -- C:\BOOT.INI
[2005/11/14 20:59:06 | 000,000,000 | -H-- | M] () -- C:\BOOTLOG.PRV
[2005/11/27 02:24:52 | 000,000,000 | -H-- | M] () -- C:\BOOTLOG.TXT
[2004/08/09 17:07:56 | 000,000,512 | -HS- | M] () -- C:\BOOTSECT.DOS
[2005/11/02 13:54:12 | 000,000,308 | ---- | M] () -- C:\ccrrec.ver
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2010/08/03 11:56:20 | 000,015,366 | ---- | M] () -- C:\ComboFix.txt
[2005/11/27 02:35:23 | 000,000,000 | -H-- | M] () -- C:\CONFIG.SYS
[2005/11/02 13:48:40 | 000,000,035 | ---- | M] () -- C:\DLA.TAG
[2005/11/14 20:57:24 | 000,001,831 | ---- | M] () -- C:\drivez.log
[2010/03/31 16:38:01 | 000,000,640 | ---- | M] () -- C:\engine.log
[2010/08/16 08:13:27 | 2406,010,880 | -HS- | M] () -- C:\hiberfil.sys
[2005/11/27 02:35:23 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2005/11/02 13:47:04 | 000,000,164 | ---- | M] () -- C:\LOGFILE.txt
[2006/11/09 15:00:21 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/02/11 13:36:43 | 000,001,050 | ---- | M] () -- C:\net_save.dna
[2004/08/04 09:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004/08/04 09:00:00 | 000,250,032 | RHS- | M] () -- C:\ntldr
[2010/08/16 08:13:24 | 390,070,272 | -HS- | M] () -- C:\pagefile.sys
[2005/05/24 15:07:50 | 006,126,164 | ---- | M] () -- C:\R. Kelly - The R. In R&B Collection Vol. 1 - Bump N Grind.mp3
[2007/11/14 17:57:19 | 000,000,625 | ---- | M] () -- C:\SharePod_iTunes_Import.xml
[2005/11/14 20:53:58 | 000,000,736 | ---- | M] () -- C:\SYSLEVEL.IBM
[2005/11/27 02:24:52 | 000,262,144 | ---- | M] () -- C:\TAILFILE.TXT
[2005/11/02 14:30:18 | 000,000,044 | ---- | M] () -- C:\TCPACHIP.LOG
[2008/08/21 19:26:50 | 000,000,028 | ---- | M] () -- C:\wizard.txt

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

< %systemroot%\*. /mp /s >


< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004/08/09 17:17:00 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/09 17:17:00 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/09 17:17:00 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\user32.dll /md5 >
[2007/03/08 11:36:28 | 000,577,536 | ---- | M] (Microsoft Corporation) MD5=B409909F6E2E8A7067076ED748ABF1E7 -- C:\WINDOWS\system32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2004/08/04 09:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\system32\ws2help.dll /md5 >
[2004/08/04 09:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=9BEACB911CA61E5881102188AB7FB431 -- C:\WINDOWS\system32\ws2help.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B174FAE
< End of report >

OTL Extras logfile created on: 8/18/2010 8:28:28 AM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Peter Malanos\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 79.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.07 Gb Total Space | 37.97 Gb Free Space | 53.43% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PETER
Current User Name: Peter Malanos
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabledxpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabledxpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabledxpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabledxpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabledxpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabledxpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabledxpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabledxpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabledxpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabledxpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabledxpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabledxpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\IBM\Updater\jre\bin\java.exe" = C:\Program Files\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector -- (IBM)
"C:\Program Files\IBM\Updater\jre\bin\javaw.exe" = C:\Program Files\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector -- (IBM)
"C:\Program Files\IBM\Updater\ucsmb.exe" = C:\Program Files\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector -- (IBM Corporation, Inc.)
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- File not found
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- (AOL, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\IBM\Updater\jre\bin\java.exe" = C:\Program Files\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector -- (IBM)
"C:\Program Files\IBM\Updater\jre\bin\javaw.exe" = C:\Program Files\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector -- (IBM)
"C:\Program Files\IBM\Updater\ucsmb.exe" = C:\Program Files\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector -- (IBM Corporation, Inc.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\acs\AOLDial.exe" = C:\Program Files\Common Files\AOL\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (AOL LLC)
"C:\Program Files\Common Files\AOL\acs\AOLacsd.exe" = C:\Program Files\Common Files\AOL\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)
"C:\Program Files\Common Files\AOL\1182363942\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1182363942\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL LLC)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC)
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- (AOL, LLC.)
"C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe:*:Enabled:QuickBooks 2006 Data Manager -- (Intuit, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{11783F13-C3A9-44A8-929B-21A476F65272}" = IBM Rescue and Recovery with Rapid Restore
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = IBM DLA
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{19C989C4-50AE-43A4-B06E-8C70FFFF852F}" = PC-Doctor for Windows
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40A594D0-1490-4979-9382-D2B764F949C6}" = BlackBerry® Media Sync
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5469D537-9B44-4c78-BF2D-5F9807564F74}" = HP PSC & OfficeJet 4.7
"{642C6F12-88B6-45A1-89A9-CB1BC791F48E}" = Hyland Web ActiveX Controls
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69B02159-7622-4DBB-B9EE-F933039830AD}" = QuickBooks Pro 2006
"{6CE96A14-61E2-48CC-837E-22710A953ADE}" = IBM Themes
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
"{86725988-9085-485C-B277-2D3D0C3D57E0}" = YP-F2J
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{8D815BF3-2399-459C-B121-49373FEFB9E8}" = IBM Update Connector
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = IBM RecordNow!
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D43E1D3F-CC1F-4E41-80F5-9C1D28187DE9}" = iPod Updater 2004-08-06
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{D87149B3-7A1D-4548-9CBF-032B791E5908}" = Desktop Doctor
"{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2
"{EC6AF20D-4376-4070-BEE4-D3A0DFF7E140}" = Access IBM
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F386C340-DF4B-4BBA-9503-420FB7EDB395}" = Wallpapers
"{F413B3A4-EE5D-457C-BAE5-6E58D9589ED5}" = Access IBM Message Center
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All To PDF" = All To PDF
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"avast5" = avast! Free Antivirus
"CloneCD" = CloneCD
"CNXT_MODEM_PCI_VEN_14F1&DEV_2702&SUBSYS_200214F1" = Conexant SoftK56 Data Fax
"ComcastHSI" = Comcast High-Speed Internet Install Wizard
"ESET Online Scanner" = ESET Online Scanner v3
"Flock" = Flock (Photobucket Edition) 0.7
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HP Photo & Imaging" = HP Image Zone 4.7
"InstallShield_{19C989C4-50AE-43A4-B06E-8C70FFFF852F}" = PC-Doctor for Windows
"InstallShield_{D43E1D3F-CC1F-4E41-80F5-9C1D28187DE9}" = iPod Updater 2004-08-06
"InstallShield_{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MouseSuite98" = Mouse Suite
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Rainlendar2" = Rainlendar2 (remove only)
"RealPlayer 6.0" = RealPlayer
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Snood 4_is1" = Snood 4
"ST6UNST #1" = Envelope Printer Manager Pro - by: Vsisystems.com
"StreetPlugin" = Learn2 Player (Uninstall Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 9/8/2007 11:19:28 AM | Computer Name = PETER | Source = avast! | ID = 33554522
Description =

Error - 9/8/2007 11:55:44 AM | Computer Name = PETER | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 8/6/2010 9:16:35 AM | Computer Name = PETER | Source = Google Update | ID = 20
Description =

Error - 8/6/2010 10:16:37 AM | Computer Name = PETER | Source = Google Update | ID = 20
Description =

Error - 8/6/2010 11:16:38 AM | Computer Name = PETER | Source = Google Update | ID = 20
Description =

Error - 8/6/2010 12:16:37 PM | Computer Name = PETER | Source = Google Update | ID = 20
Description =

Error - 8/6/2010 1:14:05 PM | Computer Name = PETER | Source = Google Update | ID = 20
Description =

Error - 8/6/2010 2:14:05 PM | Computer Name = PETER | Source = Google Update | ID = 20
Description =

Error - 8/6/2010 3:14:05 PM | Computer Name = PETER | Source = Google Update | ID = 20
Description =

Error - 8/9/2010 9:14:05 AM | Computer Name = PETER | Source = Google Update | ID = 20
Description =

Error - 8/9/2010 10:14:05 AM | Computer Name = PETER | Source = Google Update | ID = 20
Description =

Error - 8/10/2010 7:34:28 PM | Computer Name = PETER | Source = Application Hang | ID = 1002
Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 8/3/2010 8:10:14 AM | Computer Name = PETER | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Internet Explorer 8 for Windows XP.

Error - 8/3/2010 11:41:20 AM | Computer Name = PETER | Source = Service Control Manager | ID = 7031
Description = The Windows Media Player Network Sharing Service service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 30000 milliseconds: Restart the service.

Error - 8/3/2010 11:43:00 AM | Computer Name = PETER | Source = Service Control Manager | ID = 7031
Description = The Windows Media Player Network Sharing Service service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 30000 milliseconds: Restart the service.

Error - 8/3/2010 11:45:31 AM | Computer Name = PETER | Source = Service Control Manager | ID = 7031
Description = The Windows Media Player Network Sharing Service service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 30000 milliseconds: Restart the service.

Error - 8/3/2010 11:46:13 AM | Computer Name = PETER | Source = Service Control Manager | ID = 7031
Description = The Windows Media Player Network Sharing Service service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 30000 milliseconds: Restart the service.

Error - 8/4/2010 8:03:52 AM | Computer Name = PETER | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\D.

Error - 8/8/2010 9:47:20 PM | Computer Name = PETER | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 8/18/2010 8:00:43 AM | Computer Name = PETER | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.100 on
the Network Card with network address 001125B81299.

Error - 8/18/2010 8:28:55 AM | Computer Name = PETER | Source = SRService | ID = 104
Description = The System Restore initialization process failed.

Error - 8/18/2010 8:28:55 AM | Computer Name = PETER | Source = Service Control Manager | ID = 7023
Description = The System Restore Service service terminated with the following error:
%%2


< End of report >

The first post I made today got held up. It said a moderator would have to approve it. Let me know if I need to repost the beginning of the otl report. Thanks again.

You did fine

I am also having some mouse troubles, it will not click or double clicks when it is unwanted

Click to expand...

Step 1 - try another mouse

=======================================================================

We need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder

• Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
• Accept any prompts.

=======================================================================

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  
  Code:

  :OTL
  O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
  O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
  O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
  [4 C:\Documents and Settings\Peter Malanos\My Documents\*.tmp files -> C:\Documents and Settings\Peter Malanos\My Documents\*.tmp -> ]
  [2005/11/27 19:54:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
  @Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B174FAE
  
  
  :Services
  
  :Reg
  
  :Files
  
  :Commands
  [purity]
  [emptytemp]
  [emptyflash]
  [Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• You will get a log that shows the results of the fix. Please post it.

=====================================================================

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

2. Download Temp File Cleaner (TFC)

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

3. Go to Kaspersky website and perform an online antivirus scan.

• Disable your active antivirus program.
• Read through the requirements and privacy statement and click on Accept button.
• It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
• When the downloads have finished, click on Settings.
• Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
  
  • Spyware, Adware, Dialers, and other potentially dangerous programs
  • Archives
  • Mail databases
• Click on My Computer under Scan.
• Once the scan is complete, it will display the results. Click on View Scan Report.
• You will see a list of infected items there. Click on Save Report As....
• Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.

I AM working on these just don't have a lot of time. Please don't lock.

Ran Javara and also otl with the fix.

when computer restarted there was a notice. Spooler sub system app has encountered a problem and must close. Here is the log.

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
C:\Documents and Settings\Peter Malanos\My Documents\~WRL0670.tmp deleted successfully.
C:\Documents and Settings\Peter Malanos\My Documents\~WRL2025.tmp deleted successfully.
C:\Documents and Settings\Peter Malanos\My Documents\~WRL2784.tmp deleted successfully.
C:\Documents and Settings\Peter Malanos\My Documents\~WRL3280.tmp deleted successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9Plus folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\Welcome\BH00 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\Welcome folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint folder moved successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:0B174FAE deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 65716 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Peter Malanos
->Temp folder emptied: 232880160 bytes
->Temporary Internet Files folder emptied: 1014708 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 74656854 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 4515 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1537416 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 67404 bytes

Total Files Cleaned = 296.00 mb


[EMPTYFLASH]

User: All Users
->Flash cache emptied: 0 bytes

User: Default User

Results of screen317's Security Check version 0.99.5
Windows XP Service Pack 2
Out of date service pack!!
Internet Explorer 6 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
avast! Free Antivirus
ESET Online Scanner v3
```````````````````````````````
Anti-malware/Other Utilities Check:
Ad-Aware
Malwarebytes' Anti-Malware
IBM 32-bit Runtime Environment for Java 2, v1.4.2
Java(TM) 6 Update 21
IBM 32-bit Runtime Environment for Java 2, v1.4.2
Adobe Flash Player 9 (Out of date Flash Player installed!)
Adobe Flash Player 10.0.32.18
Adobe Reader 9.3
Mozilla Firefox (3.0.19) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
Peter Malanos Desktop SecurityCheck.exe
Alwil Software Avast5 AvastSvc.exe
ALWILS~1 Avast5 avastUI.exe
````````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

When Kaspersky comes up clean, we need to remember to install SP3.

Update your Firefox.

Go to Add\Remove and uninstall:
- IBM 32-bit Runtime Environment for Java 2, v1.4.2

I haven't run kaspersky yet. Just tried to and it says java is not enabled but as far as I can tell it is. What should I do. Also my print spooler isn't running as I mentioned so I can't print anything. Is this because of something we did?

Sometimes a combination of an infection and cleaning tools may corrupt some files.
I suggest, you reinstall your printer.

Instead of Kaspersky...

Please run a free online scan with the ESET Online Scanner

• Disable your antivirus program
• Tick the box next to YES, I accept the Terms of Use
• IMPORTANT! UN-check Remove found threats
• Click Start
• Accept any security warnings from your browser.
• Check Scan archives
• Click Start
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, push List of found threats
• Push Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

The eset scanner never gave me a list of found threats to select. It just said it was finished.

That's normal, if nothing found

OTL Clean-Up
Clean up with OTL:

* Double-click OTL.exe to start the program.
* Close all other programs apart from OTL as this step will require a reboot
* On the OTL main screen, press the CLEANUP button
* Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

=====================================================================

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point.

Turn off System Restore:

- Windows XP:
1. Click Start.
2. Right-click the My Computer icon, and then click Properties.
3. Click the System Restore tab.
4. Check "Turn off System Restore".
5. Click Apply.
6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
7. Click OK.
- Windows Vista and 7:
1. Click Start.
2. Right-click the Computer icon, and then click Properties.
3. Click on System Protection under the Tasks column on the left side
4. Click on Continue on the "User Account Control" window that pops up
5. Under the System Protection tab, find Available Disks
6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:")
7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
8. Click OK

2. Restart computer.

3. Turn System Restore on.

4. Make sure, Windows Updates are current.

5. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

6. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

7. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

8. Run Temporary File Cleaner (TFC) weekly.

9. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

10. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

11. Run defrag at your convenience.

12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

13. Please, let me know, how your computer is doing.

Computer will not remove the java you recommended. It says "Error 1603 fatal error during installconsult windows installer help0 (msi.chn) for more information.

Leave Java alone then.