Solved Computer shutting down when trying to run Avast!, MWB, and SAS

Status
Not open for further replies.
So far, So good :)

The computer is running quiet. Hasn't been that way in awhile. Working a lot faster too. Screen is not jumping anymore. Wow, I had all but given up. I tried to run ComboFix last night and the computer shut down again, but gave it another shot this morning and it went all the way. Will be in touch! Many thanks!
 
OTL

OTL logfile created on: 9/10/2011 12:49:50 PM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Student\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 2.23 Gb Available Physical Memory | 81.29% Memory free
3.25 Gb Paging File | 2.86 Gb Available in Paging File | 88.06% Paging File free
Paging file location(s): c:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39.08 Gb Total Space | 22.42 Gb Free Space | 57.38% Space Free | Partition Type: NTFS

Computer Name: CA-CNU9193LH1 | User Name: Student | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/10 12:48:23 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Student\Desktop\OTL.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/04 14:44:54 | 000,427,384 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
PRC - [2007/12/11 19:32:08 | 000,300,392 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\temp\IR7405.EXE
PRC - [2007/12/11 19:31:52 | 000,710,000 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe
PRC - [2007/12/11 19:31:04 | 000,808,304 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\TmListen.exe
PRC - [2007/12/11 19:31:00 | 000,779,632 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\NTRtScan.exe
PRC - [2007/12/11 16:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe
PRC - [2007/01/04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2005/12/23 16:44:26 | 000,491,606 | ---- | M] () -- C:\Program Files\HPQ\Shared\HpqToaster.exe
PRC - [2005/08/31 08:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE


========== Modules (No Company Name) ==========

MOD - [2011/09/08 09:00:00 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
MOD - [2011/09/08 08:59:51 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b7e0214a811f81e09041864081139641\System.Runtime.Remoting.ni.dll
MOD - [2011/09/08 08:58:44 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
MOD - [2011/09/08 08:58:33 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
MOD - [2011/09/08 08:58:26 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011/09/08 08:58:21 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
MOD - [2011/09/08 08:58:16 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011/09/08 08:58:08 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2008/05/22 14:24:20 | 001,675,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2908.16950__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008/05/22 14:24:20 | 000,688,128 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2908.17117__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2008/05/22 14:24:20 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2908.17139__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2008/05/22 14:24:20 | 000,253,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2908.16911__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008/05/22 14:24:20 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2908.16962__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008/05/22 14:24:20 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2908.17131__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008/05/22 14:24:20 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2908.17098__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008/05/22 14:24:20 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2908.16942__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008/05/22 14:24:20 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2908.17057__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008/05/22 14:24:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2908.16929__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008/05/22 14:24:17 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2908.17160__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008/05/22 14:23:38 | 000,352,256 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2908.17105__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008/05/22 14:23:38 | 000,135,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2908.17167__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008/05/22 14:23:38 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.2908.16956__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2008/05/22 14:23:38 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2908.17111__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008/05/22 14:23:38 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2908.16923__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008/05/22 14:23:38 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.2908.16955__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2008/05/22 14:23:37 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Dashboard\2.0.2908.17174__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Dashboard.dll
MOD - [2008/05/22 14:23:37 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2908.17104__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008/05/22 14:23:37 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Runtime\2.0.2908.17173__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Runtime.dll
MOD - [2008/05/22 14:23:36 | 000,794,624 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2908.17064__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008/05/22 14:23:36 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2908.17124__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008/05/22 14:23:36 | 000,217,088 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2908.16969__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008/05/22 14:23:36 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2908.17064__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008/05/22 14:23:35 | 000,901,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2908.17132__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2008/05/22 14:23:35 | 000,663,552 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2908.17099__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2008/05/22 14:23:35 | 000,585,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2908.16976__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008/05/22 14:23:35 | 000,479,232 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2908.17059__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008/05/22 14:23:35 | 000,434,176 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2908.16930__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008/05/22 14:23:35 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2908.17092__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2008/05/22 14:23:35 | 000,331,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2908.17051__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008/05/22 14:23:35 | 000,307,200 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2908.16982__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2008/05/22 14:23:35 | 000,118,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2908.17080__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008/05/22 14:23:35 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2908.17057__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008/05/22 14:23:35 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2908.16982__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008/05/22 14:23:35 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2908.17080__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008/05/22 14:23:35 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2908.17091__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008/05/22 14:23:34 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2908.17063__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008/05/22 14:23:34 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2886.28819__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008/05/22 14:23:34 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2886.28812__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008/05/22 14:23:34 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2886.28862__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008/05/22 14:23:34 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2886.28831__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008/05/22 14:23:34 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2886.28863__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008/05/22 14:23:34 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008/05/22 14:23:33 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2886.28801__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008/05/22 14:23:33 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2886.28803__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008/05/22 14:23:33 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2886.28837__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008/05/22 14:23:33 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2886.28829__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008/05/22 14:23:33 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2886.28836__90ba9c70f846762e\DEM.OS.dll
MOD - [2008/05/22 14:23:33 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2008/05/22 14:23:32 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2886.28804__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008/05/22 14:23:32 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2886.28823__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008/05/22 14:23:32 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2886.28850__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008/05/22 14:23:32 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008/05/22 14:23:32 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2886.28860__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008/05/22 14:23:32 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2886.28885__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008/05/22 14:23:32 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2886.28825__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008/05/22 14:23:32 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2886.28817__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008/05/22 14:23:32 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2886.28813__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008/05/22 14:23:32 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.2886.28844__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2008/05/22 14:23:32 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2886.28837__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008/05/22 14:23:32 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008/05/22 14:23:32 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2886.28819__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008/05/22 14:23:32 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2886.28844__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008/05/22 14:23:32 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2886.28838__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008/05/22 14:23:31 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2886.28850__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008/05/22 14:23:31 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2886.28847__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008/05/22 14:23:31 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2886.28847__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008/05/22 14:23:31 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2886.28830__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008/05/22 14:23:31 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Shared\2.0.2886.28861__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Shared.dll
MOD - [2008/05/22 14:23:31 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2886.28844__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008/05/22 14:23:31 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2886.28839__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008/05/22 14:23:31 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2886.28848__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008/05/22 14:23:31 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2886.28839__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008/05/22 14:23:30 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2886.28847__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008/05/22 14:23:30 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2886.28849__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008/05/22 14:23:30 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2886.28832__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008/05/22 14:23:30 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2886.28801__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008/05/22 14:23:30 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008/05/22 14:23:30 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2886.28831__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008/05/22 14:23:30 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2886.28819__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008/05/22 14:23:20 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.2908.17152__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008/05/22 14:23:20 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2908.17150__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008/05/22 14:23:20 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2908.17177__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008/05/22 14:23:20 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2886.28814__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008/05/22 14:23:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2886.28834__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008/05/22 14:23:20 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2908.16901__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008/05/22 14:23:19 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2908.16937__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008/05/22 14:23:19 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2908.16903__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008/05/22 14:23:19 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2886.28834__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008/05/22 14:23:19 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2886.28809__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008/05/22 14:23:19 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2886.28826__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008/05/22 14:23:19 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2886.28832__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008/05/22 14:23:18 | 001,507,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2908.16918__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008/05/22 14:23:18 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.2908.16903__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008/05/22 14:23:18 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.2908.16902__90ba9c70f846762e\APM.Server.dll
MOD - [2008/05/22 14:23:18 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2908.16901__90ba9c70f846762e\AEM.Server.dll
MOD - [2008/05/22 14:23:18 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2886.28825__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008/05/22 14:23:18 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.2908.17151__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008/05/22 14:23:18 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008/05/22 14:23:18 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2886.28851__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2005/12/23 16:44:26 | 000,491,606 | ---- | M] () -- C:\Program Files\HPQ\Shared\HpqToaster.exe
MOD - [2004/06/01 05:39:56 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [Auto | Stopped] -- -- (CCOMSVC)
SRV - [2007/12/11 19:31:04 | 000,808,304 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe -- (tmlisten)
SRV - [2007/12/11 19:31:00 | 000,779,632 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe -- (ntrtscan)
SRV - [2007/12/11 16:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/04/27 21:35:28 | 000,575,064 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe -- (TmProxy)
SRV - [2007/01/04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - [2010/10/20 18:45:16 | 000,249,424 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\tmxpflt.sys -- (TmFilter)
DRV - [2010/10/20 18:45:06 | 000,036,432 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\tmpreflt.sys -- (TmPreFilter)
DRV - [2010/10/20 18:30:02 | 001,331,384 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\VsapiNT.sys -- (VSApiNt)
DRV - [2008/11/26 16:37:42 | 000,187,392 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) Broadcom NetLink (TM)
DRV - [2008/09/11 03:32:26 | 003,230,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/07/23 11:31:38 | 000,044,800 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2008/05/22 14:31:39 | 001,265,536 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/03/28 10:14:02 | 000,024,064 | ---- | M] (Sonic Focus, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfaudio.sys -- (SFAUDIO)
DRV - [2008/03/12 15:43:26 | 000,015,416 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Amddfltr.sys -- (Amddfltr)
DRV - [2008/02/29 20:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007/12/24 17:37:00 | 000,138,384 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2006/11/14 13:14:04 | 000,073,288 | ---- | M] (Trend Micro Incorporated.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2006/10/19 01:23:00 | 000,033,024 | R--- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HP24X.sys -- (HP24X)
DRV - [2006/10/17 10:59:06 | 000,022,016 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2006/10/17 10:57:58 | 000,017,920 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2006/06/19 02:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/03/30 17:39:48 | 000,130,432 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (AES2500)
DRV - [2006/02/15 16:56:58 | 001,342,570 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/02/15 16:54:10 | 000,057,096 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/01/29 21:00:04 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/01/29 21:00:04 | 000,718,464 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/01/29 21:00:04 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/11/30 06:12:36 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/09/19 17:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005/09/19 17:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005/09/19 17:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2005/08/31 08:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/08/31 08:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/08/31 08:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/08/31 08:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/08/31 08:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/08/31 08:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/08/31 08:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 15:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 15:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2001/08/17 15:10:28 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://schools.connectionsacademy.com
IE - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://schools.connectionsacademy.com/
IE - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3A 64 1E 38 9D E3 C9 01 [binary data]
IE - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)



O1 HOSTS File: ([2011/09/10 09:26:00 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O4 - HKLM..\Run: [CARPService] File not found
O4 - HKLM..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DrvLsnr] File not found
O4 - HKLM..\Run: [HotKeysCmds] File not found
O4 - HKLM..\Run: [HPDJ Taskbar Utility] File not found
O4 - HKLM..\Run: [IgfxTray] File not found
O4 - HKLM..\Run: [Name] C:\WINDOWS\system32\cas\msname.vbs ()
O4 - HKLM..\Run: [OfficeScanNT Monitor] C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoManageMyComputerVerb = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuNetworkPlaces = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisablePersonalDirChange = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyDocuments = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesRecycleBin = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictCpl = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl: 1 = desk.cpl (Microsoft Corporation)
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl: 2 = inetcpl.cpl (Microsoft Corporation)
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl: 3 = main.cpl (Microsoft Corporation)
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl: 5 = ncpa.cpl (Microsoft Corporation)
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl: 6 = ncpa.cpl (Microsoft Corporation)
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl: 7 = netsetup.cpl (Microsoft Corporation)
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl: 8 = telephon.cpl (Microsoft Corporation)
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl: 9 = timedate.cpl (Microsoft Corporation)
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl: 10 = wscui.cpl (Microsoft Corporation)
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 1
O7 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O15 - HKLM\..Trusted Domains: connectionsacademy.com ([schools] * in Trusted sites)
O15 - HKLM\..Trusted Domains: connectionsacademy.com ([schools] https in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range1 ([http] in Trusted sites)
 
2nd part of OTL

O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: aim.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: aol.com ([iknowthat.school] http in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: aolatschool.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: atwola.com ([ar] * in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: atwola.com ([www.ar] * in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: brainpop.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: connectionsacademy.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: connectionsacademy.com ([schools] http in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: D ([]file in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: edgate.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: letsgolearn.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: msnbc.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: passport.net ([login] * in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: schoolnotes.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: teacherweb.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: worldbookonline.com ([www] * in Trusted sites)
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} http://10.1.0.17:8180/officescan/ClientInstall/WinNTChk.cab (ObjWinNTCheck Class)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} http://10.1.0.65:8080/officescan/console/html/ClientInstall/setup.cab (OfficeScan Corp Edition Web-Deployment SetupCtrl Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} http://10.1.0.65:8080/officescan/console/html/root/AtxEnc.cab (Encrypt Class)
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} http://10.1.0.17:8180/officescan/clientinstall/RemoveCtrl.cab (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1226096417281 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 204.186.110.76 216.144.187.37 216.144.187.199
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D304090-4CEA-4F39-9825-61439B592402}: DhcpNameServer = 10.1.5.101 10.1.5.102
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3093FAB-0A84-4C76-849D-C6CC479D0E3D}: DhcpNameServer = 192.168.2.1 204.186.110.76 216.144.187.37 216.144.187.199
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4AB9F22-46C9-4326-B049-87C9B783EB56}: DhcpNameServer = 192.168.254.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/06/07 21:57:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/09/10 12:48:18 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Student\Desktop\OTL.exe
[2011/09/10 09:30:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/09/09 23:29:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/09/09 23:29:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/09/09 23:29:02 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/09/09 23:29:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/09/09 23:28:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/09/09 23:28:50 | 000,000,000 | ---D | C] -- C:\Judy
[2011/09/09 21:54:12 | 004,201,039 | R--- | C] (Swearware) -- C:\Documents and Settings\Student\Desktop\Judy.exe
[2011/09/08 18:02:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/09/08 16:31:40 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Student\Desktop\aswMBR.exe
[2011/09/08 08:47:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2011/09/07 18:17:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Student\Start Menu\Programs\Administrative Tools
[2011/09/07 18:16:00 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Student\Desktop\dds.scr
[2011/09/07 17:55:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Student\Application Data\Malwarebytes
[2011/09/07 17:55:21 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/09/07 17:55:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/07 17:55:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/09/07 17:55:15 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/09/07 17:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/07 17:54:01 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Student\Desktop\mbam-setup-1.51.1.1800.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/10 12:48:23 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Student\Desktop\OTL.exe
[2011/09/10 10:26:29 | 000,001,180 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/10 10:25:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/10 10:25:24 | 2949,500,928 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/10 09:26:00 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/09/09 21:54:15 | 004,201,039 | R--- | M] (Swearware) -- C:\Documents and Settings\Student\Desktop\Judy.exe
[2011/09/09 14:15:09 | 000,442,816 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/09/09 14:15:09 | 000,072,118 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/09/09 13:44:14 | 000,001,789 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/09/08 16:51:01 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Student\Desktop\MBR.dat
[2011/09/08 16:31:41 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Student\Desktop\aswMBR.exe
[2011/09/08 09:14:57 | 000,345,016 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/07 18:16:12 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Student\Desktop\dds.scr
[2011/09/07 18:09:33 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Student\Desktop\kmp4cn56.exe
[2011/09/07 17:55:22 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/07 17:54:01 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Student\Desktop\mbam-setup-1.51.1.1800.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/10 10:25:24 | 2949,500,928 | -HS- | C] () -- C:\hiberfil.sys
[2011/09/09 23:29:02 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/09/09 23:29:02 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/09/09 23:29:02 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/09/09 23:29:02 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/09/09 23:29:02 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/09/08 16:41:16 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Student\Desktop\MBR.dat
[2011/09/07 18:09:30 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Student\Desktop\kmp4cn56.exe
[2011/09/07 17:55:22 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/19 19:24:48 | 000,000,880 | ---- | C] () -- C:\WINDOWS\HBCIKRNL.INI
[2008/11/07 18:29:33 | 000,000,365 | ---- | C] () -- C:\WINDOWS\OfficeScanWebDeployment.ini
[2008/05/22 14:26:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/04/16 19:03:05 | 000,005,692 | ---- | C] () -- C:\WINDOWS\System32\wfileu.drv
[2008/04/16 19:03:05 | 000,005,394 | ---- | C] () -- C:\WINDOWS\System32\wrestfil.dll
[2008/04/16 19:03:05 | 000,002,164 | ---- | C] () -- C:\WINDOWS\System32\wzfil.dll
[2008/04/16 19:03:04 | 000,014,412 | ---- | C] () -- C:\WINDOWS\System32\tafil.dll
[2008/04/16 19:03:04 | 000,012,114 | ---- | C] () -- C:\WINDOWS\System32\sporfil.dll
[2008/04/16 19:03:04 | 000,006,830 | ---- | C] () -- C:\WINDOWS\System32\swfil.dll
[2008/04/16 19:03:04 | 000,004,826 | ---- | C] () -- C:\WINDOWS\System32\vgamfil.dll
[2008/04/16 19:03:04 | 000,003,818 | ---- | C] () -- C:\WINDOWS\System32\viofil.dll
[2008/04/16 19:03:04 | 000,003,444 | ---- | C] () -- C:\WINDOWS\System32\srchin.dll
[2008/04/16 19:03:04 | 000,001,656 | ---- | C] () -- C:\WINDOWS\System32\tapfil.dll
[2008/04/16 19:03:04 | 000,000,724 | ---- | C] () -- C:\WINDOWS\System32\spmfil.dll
[2008/04/16 19:03:04 | 000,000,652 | ---- | C] () -- C:\WINDOWS\System32\snetfil.dll
[2008/04/16 19:03:04 | 000,000,540 | ---- | C] () -- C:\WINDOWS\System32\srchfrgn.dll
[2008/04/16 19:03:04 | 000,000,258 | ---- | C] () -- C:\WINDOWS\System32\srchout.dll
[2008/04/16 19:03:03 | 000,158,856 | ---- | C] () -- C:\WINDOWS\System32\pxyfil.dll
[2008/04/16 19:03:03 | 000,012,486 | ---- | C] () -- C:\WINDOWS\System32\psyfil.dll
[2008/04/16 19:03:03 | 000,000,782 | ---- | C] () -- C:\WINDOWS\System32\snetbonly.dll
[2008/04/16 19:03:02 | 000,022,384 | ---- | C] () -- C:\WINDOWS\System32\perfil.dll
[2008/04/16 19:03:02 | 000,017,672 | ---- | C] () -- C:\WINDOWS\System32\nvgamfil.dll
[2008/04/16 19:03:02 | 000,016,732 | ---- | C] () -- C:\WINDOWS\System32\popfil.dll
[2008/04/16 19:03:02 | 000,008,652 | ---- | C] () -- C:\WINDOWS\System32\jbfil.dll
[2008/04/16 19:03:02 | 000,007,638 | ---- | C] () -- C:\WINDOWS\System32\movfil.dll
[2008/04/16 19:03:02 | 000,007,446 | ---- | C] () -- C:\WINDOWS\System32\pkmon.dll
[2008/04/16 19:03:02 | 000,003,360 | ---- | C] () -- C:\WINDOWS\System32\lgwfil.dll
[2008/04/16 19:03:02 | 000,001,100 | ---- | C] () -- C:\WINDOWS\System32\imgfil.dll
[2008/04/16 19:03:02 | 000,000,670 | ---- | C] () -- C:\WINDOWS\System32\mp3fil.dll
[2008/04/16 19:03:02 | 000,000,306 | ---- | C] () -- C:\WINDOWS\System32\picsfil.dll
[2008/04/16 19:03:02 | 000,000,116 | ---- | C] () -- C:\WINDOWS\System32\nfil.dll
[2008/04/16 19:03:02 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\macfil.dll
[2008/04/16 19:03:02 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\lastupdate.dll
[2008/04/16 19:03:01 | 000,013,112 | ---- | C] () -- C:\WINDOWS\System32\finfil.dll
[2008/04/16 19:03:01 | 000,013,034 | ---- | C] () -- C:\WINDOWS\System32\gblfil.dll
[2008/04/16 19:03:01 | 000,011,164 | ---- | C] () -- C:\WINDOWS\System32\fmfil.dll
[2008/04/16 19:03:01 | 000,009,636 | ---- | C] () -- C:\WINDOWS\System32\gnfil.dll
[2008/04/16 19:03:01 | 000,005,180 | ---- | C] () -- C:\WINDOWS\System32\iawfil.dll
[2008/04/16 19:03:01 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\hatfil.dll
[2008/04/16 19:03:01 | 000,001,816 | ---- | C] () -- C:\WINDOWS\System32\fshrfil.dll
[2008/04/16 19:03:01 | 000,001,328 | ---- | C] () -- C:\WINDOWS\System32\gdwfil.dll
[2008/04/16 19:03:01 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\igefil.dll
[2008/04/16 19:03:00 | 000,094,356 | ---- | C] () -- C:\WINDOWS\System32\adwfil.dll
[2008/04/16 19:03:00 | 000,012,350 | ---- | C] () -- C:\WINDOWS\System32\entfil.dll
[2008/04/16 19:03:00 | 000,010,862 | ---- | C] () -- C:\WINDOWS\System32\chtfil.dll
[2008/04/16 19:03:00 | 000,007,492 | ---- | C] () -- C:\WINDOWS\System32\auctfil.dll
[2008/04/16 19:03:00 | 000,001,830 | ---- | C] () -- C:\WINDOWS\System32\cultfil.dll
[2008/04/16 19:03:00 | 000,001,790 | ---- | C] () -- C:\WINDOWS\System32\csnews.dll
[2008/04/16 19:03:00 | 000,000,400 | ---- | C] () -- C:\WINDOWS\System32\bsnlst.dll
[2008/04/16 19:03:00 | 000,000,100 | ---- | C] () -- C:\WINDOWS\System32\bnrfil.dll
[2007/12/18 13:25:14 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2007/12/18 13:25:14 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2007/12/18 13:25:14 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2007/07/03 19:58:40 | 000,123,157 | ---- | C] () -- C:\WINDOWS\HPHins12.dat
[2007/07/03 19:58:40 | 000,014,916 | ---- | C] () -- C:\WINDOWS\hphmdl12.dat
[2007/07/03 19:58:17 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2007/07/03 18:25:57 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/06/14 22:11:25 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Student\Local Settings\Application Data\fusioncache.dat
[2007/06/08 18:00:57 | 000,013,491 | ---- | C] () -- C:\WINDOWS\cfgall.ini
[2007/05/09 20:17:45 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007/05/09 20:17:45 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007/05/09 20:17:45 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007/05/09 20:17:45 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007/05/09 20:17:45 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007/05/09 20:17:45 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007/03/05 16:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2006/10/12 16:35:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\Instx64.exe
[2006/07/11 01:59:10 | 000,000,172 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/07/11 01:57:28 | 000,028,802 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/04/24 12:48:58 | 000,174,819 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/02/28 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/22 00:36:12 | 000,000,252 | ---- | C] () -- C:\WINDOWS\System32\SNet.dll
[2006/02/15 17:04:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/12/01 15:11:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\WINDOWS\unzip.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\devenum.exe
[2004/08/07 09:16:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/07 09:16:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/07 09:10:30 | 000,442,816 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/07 09:10:30 | 000,072,118 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/07 09:10:08 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/07 09:02:54 | 000,345,016 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/07 08:57:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/07 08:54:58 | 000,023,332 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/04 04:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/03 10:30:10 | 000,000,030 | ---- | C] () -- C:\WINDOWS\liccyval.dat
[2004/06/01 05:39:56 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2004/03/24 18:03:46 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\MSLSPC.exe
[2002/08/13 09:10:10 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2002/08/13 09:09:50 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1998/05/06 22:10:00 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\ODMA32.dll

========== LOP Check ==========

[2007/05/09 20:19:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\Infineon
[2006/07/11 02:33:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\SampleView
[2007/06/07 22:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Infineon
[2006/07/11 02:33:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2007/05/09 20:19:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Infineon
[2009/06/18 16:00:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/06/25 09:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{012073D1-3404-4610-B607-815862D6C12E}
[2006/07/11 02:33:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView
[2007/06/14 22:11:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Student\Application Data\Infineon
[2007/07/03 22:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Student\Application Data\InterVideo
[2007/07/03 18:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Student\Application Data\OfficeUpdate12
[2006/07/11 02:33:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Student\Application Data\SampleView

========== Purity Check ==========



========== Custom Scans ==========


< >

< %SYSTEMDRIVE%\*.* >
[2009/03/19 19:27:03 | 000,195,444 | ---- | M] () -- C:\amd_filter.log
[2007/06/07 21:57:34 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008/05/22 14:32:06 | 000,000,086 | ---- | M] () -- C:\bcmwl5.log
[2008/06/26 12:41:22 | 000,000,242 | -HS- | M] () -- C:\boot.ini
[2011/09/10 09:30:50 | 000,012,967 | ---- | M] () -- C:\ComboFix.txt
[2007/06/07 21:57:34 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/09/10 10:25:24 | 2949,500,928 | -HS- | M] () -- C:\hiberfil.sys
[2007/06/07 21:57:34 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2007/06/07 21:57:34 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006/02/28 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/06/26 11:29:02 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/09/10 10:25:22 | 704,643,072 | -HS- | M] () -- C:\pagefile.sys
[2011/09/09 23:24:54 | 000,000,359 | ---- | M] () -- C:\rkill.log
[2008/11/07 18:30:57 | 000,000,021 | ---- | M] () -- C:\tmuninst.ini
[2008/11/07 18:19:52 | 000,000,882 | ---- | M] () -- C:\UninstRA.log
[2008/11/07 20:06:36 | 000,001,020 | ---- | M] () -- C:\updatedatfix.log
[2006/06/19 17:08:17 | 000,000,054 | ---- | M] () -- C:\ut.bat
[2006/06/21 23:03:22 | 000,000,056 | ---- | M] () -- C:\ut9x.bat

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2007/06/07 21:56:53 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2004/06/01 08:55:56 | 000,061,952 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp35z.dll
[2006/06/04 00:29:06 | 000,076,288 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp4pi.dll
[2007/04/09 14:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2007/06/07 14:42:46 | 000,262,144 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2007/06/07 21:31:59 | 000,262,144 | ---- | M] () -- C:\WINDOWS\System32\config\security.sav
[2007/06/07 14:42:46 | 017,301,504 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2007/06/07 14:42:47 | 004,718,592 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2008/06/26 11:35:42 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2007/06/14 22:11:54 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Student\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2004/08/07 09:04:04 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Student\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2011/09/08 16:31:41 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Student\Desktop\aswMBR.exe
[2011/09/09 21:54:15 | 004,201,039 | R--- | M] (Swearware) -- C:\Documents and Settings\Student\Desktop\Judy.exe
[2011/09/07 18:09:33 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Student\Desktop\kmp4cn56.exe
[2011/09/07 17:54:01 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Student\Desktop\mbam-setup-1.51.1.1800.exe
[2011/09/10 12:48:23 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Student\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2007/06/14 22:11:51 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Student\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2009/06/02 14:41:02 | 000,001,168 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2009/06/01 17:23:32 | 000,000,067 | -HS- | M] () -- C:\Documents and Settings\Student\Cookies\desktop.ini
[2011/09/10 12:48:12 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\Student\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007/06/26 22:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/14 05:41:52 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2004/08/03 23:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2008/05/02 10:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/13 23:00:30 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/14 05:42:30 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2007/04/02 23:37:24 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2007/04/02 23:37:24 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2007/04/02 23:37:26 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2007/04/02 23:37:28 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2007/04/02 23:34:02 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >
 
Extras

OTL Extras logfile created on: 9/10/2011 12:49:50 PM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Student\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 2.23 Gb Available Physical Memory | 81.29% Memory free
3.25 Gb Paging File | 2.86 Gb Available in Paging File | 88.06% Paging File free
Paging file location(s): c:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39.08 Gb Total Space | 22.42 Gb Free Space | 57.38% Space Free | Partition Type: NTFS

Computer Name: CA-CNU9193LH1 | User Name: Student | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:mad:xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:mad:xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:mad:xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:mad:xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module
"{11A7769F-6706-3191-9A9A-6B4AB0F56419}" = Catalyst Control Center Localization Norwegian
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{169F0A86-B4E2-E0D0-9623-4982A9C48C93}" = CCC Help Chinese Traditional
"{177775EF-DF8B-D947-0B51-D14ED1F836C5}" = Catalyst Control Center Localization Czech
"{183C2621-49ED-C3F3-6FFF-4807079E1AC0}" = CCC Help Thai
"{189DC77B-7B5B-0547-276B-C026EF0C757C}" = ccc-core-preinstall
"{1D8135C3-46FA-77E4-E645-405BD62DDAB9}" = Catalyst Control Center Localization Turkish
"{209DC8F3-20D6-56D1-3EDA-04792A59589D}" = CCC Help Greek
"{24B3DF86-75B9-4DBD-AC39-C0C041583E6F}" = HP PCMCIA Smart Card Reader
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 14
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2A0AF7BE-CB9C-D902-676E-B3DAEECB6B2D}" = Catalyst Control Center Localization Korean
"{2B9A8E7E-CDE6-D723-3521-B6D4784FFBEA}" = Catalyst Control Center Localization Japanese
"{2D0A84FC-2178-131A-7563-705200BDFF20}" = CCC Help Polish
"{2EE6086A-2926-66A7-2B60-42FB259D95B7}" = Catalyst Control Center Localization Russian
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{33B75044-54B4-5AB4-7A19-7B9D77BF2285}" = Catalyst Control Center Localization Greek
"{33E58EE4-0E59-0017-78D0-D56FD3594770}" = CCC Help Korean
"{342BE86B-31F5-6E7E-A1CB-87BA5272BC2C}" = Catalyst Control Center Localization Hungarian
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.00 G2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352F5013-07DC-446D-8DB6-38F339086C60}" = LightScribe 1.4.84.1
"{36807E1C-C7F5-CCF7-3617-F41837DECAF7}" = CCC Help Danish
"{3912A629-0020-0005-3131-2FBA74D4DF0A}" = InterVideo WinDVD
"{3A8B8170-7321-E5FC-0047-74F9F5D21B25}" = Catalyst Control Center Localization Thai
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology
"{3F93B2BA-18EC-462B-9ACD-396599353EE1}" = Catalyst Control Center - Branding
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 2.00 F1
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{48CF6549-B45D-4313-9927-EFCCC8A3493F}" = TIPCI
"{4BFA6EEB-AAED-4334-8E98-A907DE4DD5CF}" = AMD Driver Support for HP 3D DriverGuard
"{4D1E0AA2-3B34-6940-3663-0E255EFBBF63}" = CCC Help Portuguese
"{517459C1-A2C2-7641-AA71-4E7E98B5E8A9}" = CCC Help Spanish
"{53B35D1A-B93A-C389-409B-EEBC68D82861}" = Catalyst Control Center Core Implementation
"{540EA3CE-1229-5702-929D-A67E6331AC39}" = CCC Help Norwegian
"{5A721E61-FBDE-9422-3C64-17D918C7196B}" = Catalyst Control Center Localization German
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{5F74F1E5-C4DF-7A18-3C11-A47382FFA660}" = CCC Help Swedish
"{611CB353-FEC0-1245-1859-B169344D1454}" = CCC Help Japanese
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{77F38DEB-140F-0B24-52C4-6B385127CB1F}" = Catalyst Control Center Localization Finnish
"{79AAA8E0-B47C-EDAB-826E-C498AA4857CE}" = CCC Help Finnish
"{87F93AA6-C062-40AC-970F-DEE3628548D9}" = CYBERsitter 10
"{89B65CDA-DC1B-C5B3-73DF-3CFF4A19A588}" = CCC Help German
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C74846F-56C1-7CA1-14BF-B7A87F7A0CA7}" = Catalyst Control Center Localization Dutch
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{907E8FCC-ACB6-8F7D-9930-8C95F1DC7D87}" = ccc-utility
"{90A2E630-72EA-3309-6B02-9307C795345C}" = CCC Help Russian
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9A154D6D-13D6-4CA1-BB3A-E792C18DACBF}" = SCR3xxx Smart Card Reader
"{9E325417-AE9C-4EE1-A158-13DF451A5987}" = Broadcom NetXtreme Ethernet Controller
"{A00E6A54-A3B5-7FCD-5DBA-4BFAB5B2DBD7}" = Catalyst Control Center Localization Italian
"{A21A1F07-8EE5-1DC3-74E5-73AF089B5722}" = Catalyst Control Center Localization Polish
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7AD8CEF-72D7-4FE4-8A14-DDD09DC86074}" = HP Notebook Accessories Product Tour
"{A843E814-9178-6F3F-E821-9094D33128F5}" = Catalyst Control Center Graphics Full New
"{A893EF27-F743-D48F-3971-ABD33A2A0902}" = CCC Help French
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AA3D13A1-2373-6638-8398-FBDA07FAC464}" = CCC Help Turkish
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AF0EC284-33B6-9100-E851-B64FDC070429}" = Catalyst Control Center Localization French
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B1463859-54D3-03C0-2D87-04D15A4B5D06}" = Catalyst Control Center Localization Chinese Traditional
"{B15AC518-1C5D-D41F-37CA-768851B11FAB}" = Catalyst Control Center Localization Swedish
"{B19F9155-9337-4807-B5EF-ED471DDB2CCE}" = hph_software_req
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BC1584FD-B945-E401-7C34-929964DE9E24}" = CCC Help Chinese Standard
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C443C2F5-CBEC-1299-3A60-6C3C9965EF5A}" = CCC Help Czech
"{C594294F-E38B-FB39-4C3B-E97EFCE3AC0D}" = Catalyst Control Center Localization Danish
"{C97636B2-42D2-C8C0-CDD8-4A323CF6BC5C}" = CCC Help Italian
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF0F7BFE-61D8-E7B8-6F99-F5E149B89051}" = Catalyst Control Center Localization Portuguese
"{D1AE6D4D-C37A-487d-83D8-C333125B2459}" = HP Photosmart and Deskjet 7.0 Software
"{D7BE4FF6-24E1-3E12-D6D0-C76F26F31327}" = Catalyst Control Center Graphics Light
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DBBE5C26-72B7-4E01-950D-86BDE35918ED}" = Embedded Security for HP ProtectTools Driver
"{DFDE44B2-4E88-9B2D-75B6-945635C665DF}" = Catalyst Control Center Localization Spanish
"{E05C9D01-CCED-4328-9EE0-0B6893087C6F}" = HP User Guides 0022
"{E0DBC47C-ED3F-4A1B-A929-9A26DAAA14B3}" = Application Installer 4.00.B6
"{E634B696-8333-8216-6415-86272864894F}" = ccc-core-static
"{E78A17B7-B3E7-045B-820D-5DCE2541DEBC}" = CCC Help English
"{E978DAC8-F978-B81D-0BA1-9A566A79A7A6}" = CCC Help Hungarian
"{E9A82610-AD0E-F189-1F41-95996BC15794}" = Catalyst Control Center Graphics Full Existing
"{EB36FA85-8004-D358-601C-542FE3A2A77C}" = CCC Help Dutch
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F261FBAE-252F-44F1-8ACC-D6BDFD240F53}" = Adobe Presenter 6.2
"{F6F6B40D-6477-87E2-3899-AF53366D84D2}" = Catalyst Control Center Localization Chinese Standard
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Presenter 6" = Adobe Presenter 6.2
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"ATI Display Driver" = ATI Display Driver
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA_hpq0033m" = HDAUDIO Soft Data Fax Modem with SmartCP
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{48CF6549-B45D-4313-9927-EFCCC8A3493F}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OfficeScanNT" = Trend Micro OfficeScan Client
"PROPLUS" = Microsoft Office Professional Plus 2007
"SpywareBlaster_is1" = SpywareBlaster 4.2
"Swiff Player_is1" = Swiff Player 1.1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Acrobat Connect Add-in" = Adobe Acrobat Connect Add-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/11/2008 6:00:07 AM | Computer Name = CA-CNU8333V5F | Source = Application Hang | ID = 1002
Description = Hanging application WMPAU.exe, version 11.0.5721.5146, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/11/2008 6:00:07 AM | Computer Name = CA-CNU8333V5F | Source = Application Hang | ID = 1002
Description = Hanging application WMPAU.exe, version 11.0.5721.5146, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/11/2008 11:39:21 AM | Computer Name = CA-CNU72808LJ | Source = Microsoft Office 11 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Word.

Error - 6/9/2009 4:22:43 PM | Computer Name = CA-CNU9108VPP | Source = Application Hang | ID = 1002
Description = Hanging application HP Info Center.exe, version 1.0.1.1, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/9/2009 4:22:46 PM | Computer Name = CA-CNU9108VPP | Source = Application Hang | ID = 1001
Description = Fault bucket 173556379.

Error - 6/18/2009 4:00:21 PM | Computer Name = CA-CNU9108VPP | Source = MsiInstaller | ID = 11500
Description = Product: Java(TM) 6 Update 14 -- Error 1500.Another installation is
in progress. You must complete that installation before continuing this one.

Error - 9/7/2011 5:47:34 PM | Computer Name = CA-CNU9193LH1 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 9/7/2011 5:47:34 PM | Computer Name = CA-CNU9193LH1 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 9/7/2011 5:47:34 PM | Computer Name = CA-CNU9193LH1 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 9/7/2011 5:47:34 PM | Computer Name = CA-CNU9193LH1 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

[ System Events ]
Error - 9/9/2011 11:27:57 PM | Computer Name = CA-CNU9193LH1 | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
failed to start because of the following error: %%31

Error - 9/9/2011 11:27:57 PM | Computer Name = CA-CNU9193LH1 | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31

Error - 9/9/2011 11:27:57 PM | Computer Name = CA-CNU9193LH1 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD Fips IPSec MRxSmb NetBIOS NetBT Processor RasAcd Rdbss Tcpip tmtdi WS2IFSL

Error - 9/10/2011 9:08:26 AM | Computer Name = CA-CNU9193LH1 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 9/10/2011 9:08:54 AM | Computer Name = CA-CNU9193LH1 | Source = Service Control Manager | ID = 7001
Description = The DHCP Client service depends on the NetBios over Tcpip service
which failed to start because of the following error: %%31

Error - 9/10/2011 9:08:54 AM | Computer Name = CA-CNU9193LH1 | Source = Service Control Manager | ID = 7001
Description = The DNS Client service depends on the TCP/IP Protocol Driver service
which failed to start because of the following error: %%31

Error - 9/10/2011 9:08:54 AM | Computer Name = CA-CNU9193LH1 | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
failed to start because of the following error: %%31

Error - 9/10/2011 9:08:54 AM | Computer Name = CA-CNU9193LH1 | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31

Error - 9/10/2011 9:08:54 AM | Computer Name = CA-CNU9193LH1 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD Fips IPSec MRxSmb NetBIOS NetBT Processor RasAcd Rdbss Tcpip tmtdi WS2IFSL

Error - 9/10/2011 10:26:25 AM | Computer Name = CA-CNU9193LH1 | Source = Service Control Manager | ID = 7000
Description = The Communication Services service failed to start due to the following
error: %%2


< End of report >
 
update

So we decided to surf around a bit to see how the computer is doing (We hadn't used it before you asked, other than to check mail and contact you). Got a bit slower and got a notice on Facebook: Runtime Error...this application has requested the Runtime to terminate in an unusual way...Program C:\Program files\Internet Explorer\iexplore.exe. This has happened before too.?
The computer does get louder when accessing Facebook or games on Facebook, but is doing okay while at this site and for mail or surfing, so far.
 
1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

=================================================================

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code: 
    :OTL
SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart)
SRV - File not found [Auto | Stopped] -- -- (CCOMSVC)
O4 - HKLM..\Run: [CARPService] File not found
O4 - HKLM..\Run: [DrvLsnr] File not found
O4 - HKLM..\Run: [Name] C:\WINDOWS\system32\cas\msname.vbs ()
O15 - HKLM\..Trusted Domains: connectionsacademy.com ([schools] * in Trusted sites)
O15 - HKLM\..Trusted Domains: connectionsacademy.com ([schools] https in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range1 ([http] in Trusted sites) 
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: aim.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: aol.com ([iknowthat.school] http in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: aolatschool.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: atwola.com ([ar] * in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: atwola.com ([www.ar] * in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: brainpop.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: connectionsacademy.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: connectionsacademy.com ([schools] http in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: D ([]file in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: edgate.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: letsgolearn.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: msnbc.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: passport.net ([login] * in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: schoolnotes.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: teacherweb.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1787410411-2529828033-874725645-1007\..Trusted Domains: worldbookonline.com ([www] * in Trusted sites)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34


:Services

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring" =-

:Files

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

=================================================================

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


3. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE. If Eset won't find any threats, it won't produce any log.
 
Question

First, I goofed. I jumped ahead in the instructions before removing the old Java Version and ran OTL.
Should I do the removing and run OTL again and send both logs? And, my daughter isn't home at the moment to help, so how do I unzip it to it's own folder?
 
OTL

All processes killed
========== OTL ==========
Service PEVSystemStart stopped successfully!
Service PEVSystemStart deleted successfully!
Service CCOMSVC stopped successfully!
Service CCOMSVC deleted successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CARPService deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DrvLsnr deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Name deleted successfully.
C:\WINDOWS\system32\cas\msname.vbs moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\connectionsacademy.com\schools\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\connectionsacademy.com\schools\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aim.com\www\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aol.com\iknowthat.school\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aolatschool.com\www\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\atwola.com\ar\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\atwola.com\www.ar\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\brainpop.com\www\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\connectionsacademy.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\connectionsacademy.com\schools\ not found.
Registry key HKEY_USERS\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\D\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\edgate.com\www\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\letsgolearn.com\www\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\msnbc.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\passport.net\login\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\schoolnotes.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\teacherweb.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1787410411-2529828033-874725645-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\worldbookonline.com\www\ deleted successfully.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
C:\WINDOWS\003202_.tmp deleted successfully.
C:\WINDOWS\SET61.tmp deleted successfully.
C:\WINDOWS\SET64.tmp deleted successfully.
C:\WINDOWS\SET70.tmp deleted successfully.
C:\WINDOWS\SETA5.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\\DisableMonitoring deleted successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: admin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 81363 bytes
->Java cache emptied: 7660910 bytes
->Flash cache emptied: 405 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Student
->Temp folder emptied: 12344781 bytes
->Temporary Internet Files folder emptied: 78251311 bytes
->Java cache emptied: 13382560 bytes
->Flash cache emptied: 3677756 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 300875 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34318 bytes
RecycleBin emptied: 8889 bytes

Total Files Cleaned = 110.00 mb


[EMPTYFLASH]

User: admin

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Student
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.27.0 log created on 09102011_170843

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
 
Security check log

Computer is running slow, but better. I had copied this earlier, but must have jumped ahead and forgot to p.ost, sorry and thank you
 
Security Check Log

Results of screen317's Security Check version 0.99.7
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
ESET Online Scanner v3
Trend Micro OfficeScan Client
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
Java(TM) 6 Update 27
Java(TM) SE Runtime Environment 6 Update 1
Java(TM) 6 Update 5
Out of date Java installed!
Adobe Flash Player
Adobe Reader 9.1
Out of date Adobe Reader installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Trend Micro OfficeScan Client pccntmon.exe
Trend Micro OfficeScan Client ntrtscan.exe
Trend Micro OfficeScan Client tmlisten.exe
Trend Micro OfficeScan Client CNTAoSMgr.exe
``````````End of Log````````````
 
Uninstall:
Java(TM) SE Runtime Environment 6 Update 1
Java(TM) 6 Update 5

================================================================

Update Adobe Reader

You can download it from https://www.techspot.com/downloads/2083-adobe-reader-dc.html
After installing the latest Adobe Reader, uninstall all previous versions.
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader(3.5MB) from HERE.
It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or any other garbage.

================================================================

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code: 
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure, Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. (Windows XP only) Run defrag at your convenience.

11. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

13. Please, let me know, how your computer is doing.
 
Questions

First, I want to download Foxit and you say to uncheck the boxes for the toolbar and other "garbage". On the second screen it asks if you want to create a desktop icon, add icon to start menu, create a quick launch, set Foxit Reader as default etc. Do I not want to check any of those?? I've never used Foxit but have heard a lot of good about it.
Also, as a search engine I do not like IE, is Google Chrome a good alternative?
 
On the second screen it asks if you want to create a desktop icon, add icon to start menu, create a quick launch, set Foxit Reader as default etc. Do I not want to check any of those??
Click to expand...
Except for "quick launch" yes.

I'm not familiar with Google Chrome. I use Firefox.
 
OTL

Computer seems to be doing okay, surfing faster, screen is normal, still gets loud, but not like before. Can't unload previous versions of Adobe.

All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: admin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Student
->Temp folder emptied: 249176 bytes
->Temporary Internet Files folder emptied: 181087927 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 1138 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 300875 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 173.00 mb


[EMPTYFLASH]

User: admin

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Student
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.27.0 log created on 09112011_161207

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
 
Can't unload previous versions of Adobe.
Click to expand...
Adobe Reader 9.1?

still gets loud
Click to expand...
Download System Information for Windows (SIW free version)
No installation required.

After it scans your computer, navigate to Hardware>Sensors and post all info from there.

p4467438.gif
 
SIW

I clicked on the link and went to the free version. Then a security bar popped up that said "An add on for the website failed to run. Check the security settings in internet options for potential conflicts." Instead of the window you show in your example, the following notepad document opened.

**********************************************************************
*
* Copyright (c) 2005-2011 Topala Software Solutions
* SIW - System Information for Windows - version 2011-07-07
*
**********************************************************************

**********************************************************************
* CONTENTS OF THIS DOCUMENT
**********************************************************************
This README.TXT file describes SIW. The following topics are discussed:
1. Overview
2. What's New?
3. Installation
4. Copyright and Contact Information



**********************************************************************
* 1. Overview
**********************************************************************

SIW is a System Information tool that gathers detailed information about your system properties and settings.
A utility that includes detailed specs for Motherboard, BIOS, CPU, Devices, Memory, Video, Drives, Ports.
It displays information about Operating System, Installed Programs, Processes, Services,
Product Key (CD key), Serial Numbers, Users, Open Files, System uptime, Users, Network, Network Shares,
as well as real-time monitors for CPU, Memory, Page File usage and network traffic.
SIW also displays currently active network connections, Passwords hidden behind asterisks, installed codecs.



**********************************************************************
* 2. What's New?
**********************************************************************

* v2011 Build 0707
- Added Advanced Format Drives detection (http://www.windowsnetworking.com/articles_tutorials/Advanced-Format-Drives.html)
- Updated CPU Module: Support for Intel P67/H67/HM65/HM67/Q65/Q67/QS67 chipsets, Support for AMD FX "Bulldozer" (K15) and AMD Llano (K12) processor families, Preliminary support for Intel Sandy Bridge-EP processors, Added Turbo Boost (Intel) / Turbo CORE (AMD) detection.
- Updated Sensors Module: Support for MSI OEM sensor chip, Support for Nuvoton NCT6776F sensor chip, Support for Asustek P8P67-M mainboard.
- Updated devices database.
- Minor enhancements and compatibility fixes.

* v2011 Build 0526
Added "Adobe CS" license detection.
Updated "Installed Programs" Module.
Updated "Groups and Users" Module.
Updated devices database.
Minor enhancements and compatibility fixes.

* v2011 Build 0428
Added Security --> Audit Policy.
Added Tools --> Microsoft --> Memory Diagnostic Tool.
Added Windows SBS 2011 detection.
Added License detection for Microsoft SQL Server 2005.
Added License detection for Adobe Acrobat X.
Added License detection for Adobe CS.
Fixed License detection for Adobe Acrobat 9.
Fixed AMD Phenom II X2 and AMD Phenom II X4 Speed detection.
Fixed System Files module.
Updated Operating System Module.
Updated Applications Module.
Updated Outlook Password detection.
Updated Databases Module.
Updated Motherboard Module.
Updated BIOS Module.
Updated CPU Module: Intel Xeon "Westmere-EX" support, GPU frequency report on Intel Sandy Bridge processor, AMD Zacate/Ontario processors support
Updated Network Statistics Module.
Updated devices database.
Minor enhancements and compatibility fixes.

* v2011 Build 0203
Added "Regional Settings" --> "Installed Code Pages".
Added VirtualBox 4 detection.
Updated "Sensors" module.
Updated "Installed Updates" and "Missing Updates".
Fixed DirectX detection.
Fixed Ping command.
Updated devices database.
Updated SIWViewer.
Minor enhancements and compatibility fixes.

* v2010 Build 1118
Added Software Certificates.
Added SSL and TLS support(/smtpSecurity command line option). Free email servers (Gmail, Yahoo, Hotmail, GMX, etc.) can be used.
Added /zip command line option.
Added Tools --> Microsoft Support Diagnostic Tool.
New CPUs: Intel Core i3/i5/i7 "2000" serie processors (Sandy Bridge), Intel Core i7 970 "Gulftown", AMD Phenom II, Athlon II and Sempron II "Caspian" processors.
Added Jump List (Windows 7).
Updated PCI item.
Updated devices database.
Minor enhancements and compatibility fixes.


* v2010 Build 1021
Added Slovenian Language.
Added SMTP Authentication.
Added Print support for many items (Security, Regional Settings, Event Viewer, CPU, Memory, Sensors, Devices,
System Slots, Network Adapters, Video, Sound Devices, Storage Devices, Power Policy, Battery,
Resources, Extended Network Information).
Updated Eureka!
Updated Google Chrome Passwords.
Updated Video Module (added supported resolutions).
HTML Report uses UTF-8 encoding (instead of ISO-8859-1).
The Report can be FTP-ed or HTTP-Post-ed.
Updated devices database.
Minor enhancements and compatibility fixes.


* v2010 Build 0714
Updated Licenses (Adobe Acrobat 9, AutoCAD 2010, Autocad LT 2009, Corel VideoStudio 12 Pro, Techsmith Camtasia Studio 5/6, etc.).
Updated devices database.
Minor enhancements and compatibility fixes.

* v2010 Build 0616
Licenses: Added Microsoft Office 2010 x64 support.
Passwords: Added Wireless SSID/Password for Windows 7.
Passwords: Added Google Picasa support.
Updated Extended Network Information.
CPU: Fixed a hyperthreading issue.
Minor improvements and bug fixes.

* v2010 Build 0512
Licenses: Added Microsoft Office 2010 support.
Passwords: Added Google Chrome support.
Updated "CPU" module.
Minor improvements and bug fixes.

* v2010 Build 0428
Updated "Security" module.
Updated "Event Viewer" module.
Added /quickreport option.
Minor improvements and bug fixes.

* v2010 Build 0311
New "Hardware --> Resource" module.
Minor improvements and bug fixes.

* v2010 Build 0210
New "Power Policy" module.
New "Sound Device" module.
New "Tools: Microsoft --> Open 'God Mode' Directory" module.
Updated "Video" module.
Updated "CPU" module.
CPU: Intel Core i7 930 & 950, Core i7 980X "Gulftown", Xeon W3565, Intel Mobile Core i7/i5/i3 "Arrandale" (LV and ULV).
CPU: AMD Phenom FX-5000, Athlon II X2/X3/X4, Athlon L110, AMD AM3 socket detection improved.
VIA VX800 and VX855 chipsets support, ATI Radeon 2100 and Radeon X1250 support.
Minor improvements and bug fixes.

* v2009-11-13
Secrets: Added Outlook 2000-2007 password recovery.
Secrets: Added Firefox 3.5 support
Secrets: Fixed Outlook Express passwords
Added IPv6 support.
Minor improvements and bug fixes.

* v2009-10-22
Windows 7 Compatible
PortableApps
DirectX detection on Win7
Correct Splash Screen size if DPI != 96
Scheduled Tasks for Vista and Windows 7
Tools --> Hibernate Enable/Disable for Windows 7
Fixed: CPU and Memory Usage
Fixed: Installation Time
Fixed: Wrong menu
Fixed: Exception c0000096 when Sony Vegas 7 is installed on Vista 32
Fixed: Empty messages in Event Viewer
Minor improvements and bug fixes.

* v2009-09-09
Minor improvements and bug fixes.

* v2009-07-28
New laptops hardware monitors : Dell Latitude D400/D600/D830, Compal JHL90/91 & IFL90/91.
Support for Intel Management Engine (HECI).
NVIDIA nForce 980a chipset support.
Intel Core i5 and Core i3 processors.
Intel Atom Z530, Pentium DC E6300 (2.8GHz) and Core 2 Solo processors.
Intel P55 and US15W chipsets preliminary support.
AMD Phenom TWKR support.
AMD Phenom X2 "Callisto" and Athlon X2 "Regor" processors.
AMD Opteron 6-core "Istanbul" processor.
New sensor chips : NS PC87366, Fintek F71889F, Maxim MAX1617.
New "Tools --> MUICache Viewer" module.
New "Tools --> URL Explorer --> Search History" module.
Added Company info to Drivers and NT Services.
Added "Process Description (Online)" right-click menu. It uses http://www.processlibrary.com
Added "Command Line with parameter(s)" for "Running Processes".
Added "Roles and Features" for Windows 2008.
Updated Battery modele.
Minor improvements and bug fixes.

* v2009-05-18
Updated Battery module.
Updated Installed Programs module.
Fixed XML Report.
NVIDIA ION platform.
Intel "Clarkdale" processor preliminary support.
Preliminary support of Apple MacBook & MacBook Pro.
Minor improvements and bug fixes.


**********************************************************************
* 3. Installation
**********************************************************************

The program is for Windows Windows 98, Windows Millennium Edition, Windows NT,
Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008,
Windows 7 and Windows Server 2008 R2.

You don't need to uninstall previous version of SIW (if there are any).
To install or re-install SIW run siw-setup.exe



**********************************************************************
* 4. Copyright and Contact Information
**********************************************************************

SIW is written and supported by Gabriel Topala.
Home Page of SIW: http://www.gtopala.com
Anonymous Web Form: http://www.gtopala.com/tss/feedback.html
Email: siw@gtopala.com

**********************************************************************
Copyright (c) 2005-2011 Topala Software Solutions
**********************************************************************
 
I can see that download page changed a little...

Download and install SIW Multilanguage With Installer (SIW free version) (bottom of the screen)

Run the tool.
After it scans your computer, navigate to Hardware>Sensors and post all info from there.

p4467438.gif
 
sensors

Sensors Top
Sensor Value Min Max

--------------------------------------------------------------------------------
Hewlett-Packard 30E3 Top
Sensor Value Min Max
Temperatures
CPUZ 79 °C (174 °F) 73 °C (163 °F) 90 °C (193 °F)

--------------------------------------------------------------------------------
AMD Turion X2 Ultra ZM-82 Top
Sensor Value Min Max
Temperatures
Core #0 79 °C (173 °F) 73 °C (163 °F) 92 °C (198 °F)
Core #1 79 °C (173 °F) 73 °C (163 °F) 92 °C (198 °F)
Powers
Package 31.50 W 31.50 W 31.50 W

--------------------------------------------------------------------------------
ST9160411AS Top
Sensor Value Min Max
Temperatures
Assembly 44 °C (111 °F) 40 °C (103 °F) 44 °C (111 °F)
Air Flow 44 °C (111 °F) 40 °C (103 °F) 44 °C (111 °F)

--------------------------------------------------------------------------------
Battery Top
Sensor Value Min Max
Voltages
Current Voltage 12.44 V 12.44 V 12.44 V
Capacities
Designed Capacity 45355 mWh 45355 mWh 45355 mWh
Full Charge Capacity 45355 mWh 45355 mWh 45355 mWh
Current Capacity 44744 mWh 44744 mWh 44744 mWh
Levels
Wear Level 0 %
Charge Level 98 % 98 % 98 %
Network

--------------------------------------------------------------------------------
 
OK, your laptop is running too hot.
That's the reason it's so loud.
Fans are working overtime trying to cool the laptop down.
Your CPU max temperature is listed at 100C and you're reaching 92C.
Too close to dangerous level.

First thing to try is to get a can of compressed air, turn the laptop off and clean all vents very well.

When done post new SIW report.
 
Sensors 2

I may need to spray it a little more, but it is definitely quiet, even when I sign into mail or search. I should have known this, I do it to my desktop....

Sensors Top
Sensor Value Min Max

--------------------------------------------------------------------------------
Hewlett-Packard 30E3 Top
Sensor Value Min Max
Temperatures
CPUZ 71 °C (159 °F) 71 °C (159 °F) 73 °C (163 °F)

--------------------------------------------------------------------------------
AMD Turion X2 Ultra ZM-82 Top
Sensor Value Min Max
Temperatures
Core #0 70 °C (157 °F) 70 °C (157 °F) 74 °C (165 °F)
Core #1 70 °C (157 °F) 70 °C (157 °F) 74 °C (165 °F)
Powers
Package 31.50 W 31.50 W 31.50 W

--------------------------------------------------------------------------------
ST9160411AS Top
Sensor Value Min Max
Temperatures
Assembly 31 °C (87 °F) 31 °C (87 °F) 31 °C (87 °F)
Air Flow 31 °C (87 °F) 31 °C (87 °F) 31 °C (87 °F)

--------------------------------------------------------------------------------
Battery Top
Sensor Value Min Max
Voltages
Current Voltage 11.20 V 11.03 V 11.23 V
Capacities
Designed Capacity 45355 mWh 45355 mWh 45355 mWh
Full Charge Capacity 45355 mWh 45355 mWh 45355 mWh
Current Capacity 37074 mWh 37074 mWh 37562 mWh
Levels
Wear Level 0 %
Charge Level 81 % 81 % 82 %
 
You knocked it down 20 degrees. Pretty good.
Keep an eye on those temperatures.
You may also turn the laptop up side down and spray your keyboard as well.

In any case I'll mark this topic as resolved.
Good luck!
 
Status
Not open for further replies.

Similar threads

midian182
Avast fined $16.5 million by FTC for selling user browsing data to advertisers
Replies
12
Views
180
ZedRM
ZedRM
L
HP Class Action Lawsuit in 2023
Replies
0
Views
295
lsmartin
L
E
I have been taken over by a software called Astanda using XML to Log everything and roaming to an SQL server.
Replies
0
Views
465
eriksnyman1
E

Latest posts

Back