Remember, everything here was taken in
SAFE MODE.OTL Log:All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{598B818E-71F1-486E-A0BE-9952B5851367}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{598B818E-71F1-486E-A0BE-9952B5851367}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{598B818E-71F1-486E-A0BE-9952B5851367} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{598B818E-71F1-486E-A0BE-9952B5851367}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GM4IE deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6CE08A84-B3F9-422a-B133-60275F605AF4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6CE08A84-B3F9-422a-B133-60275F605AF4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6CE08A84-B3F9-422a-B133-60275F605AF4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6CE08A84-B3F9-422a-B133-60275F605AF4}\ not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: Anna McManus
->Temp folder emptied: 1558237 bytes
->Temporary Internet Files folder emptied: 15228232 bytes
->Java cache emptied: 42750257 bytes
->FireFox cache emptied: 77754192 bytes
->Google Chrome cache emptied: 6230746 bytes
->Apple Safari cache emptied: 5004288 bytes
->Flash cache emptied: 5985849 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2434942 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 82403 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 142942 bytes
Total Files Cleaned = 150.00 mb
OTL by OldTimer - Version 3.2.22.3 log created on 04282011_114553
Files\Folders moved on Reboot...
C:\Documents and Settings\Anna McManus\Local Settings\Temporary Internet Files\Content.IE5\E4O1JF08\topic,113324.msg786471[1].html moved successfully.
File move failed. C:\Documents and Settings\Anna McManus\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Anna McManus\Local Settings\Temporary Internet Files\SuggestedSites.dat scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Jotti link: http://virusscan.jotti.org/en/scanresult/05654cf4bf54e3f0d69c9b5df2995a54a6fd0d85Had some trouble with this site. Ctrl+V=
FAIL. But seriously, I had to browse my way to the file.
Then, when I submitted the file, it said that the file had already been scanned. I hit the "Scan Again" button on the top anyways, so the link above is to the scan of
MY file.
DDS.txt:.
DDS (Ver_11-03-05.01) - NTFSx86 NETWORK
Run by Anna McManus at 12:01:16.93 on 28/04/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Microsoft Windows XP Professional 5.1.2600.3.1252.353.1033.18.1022.751 [GMT 1:00]
.
AV: Outpost Security Suite Pro *Disabled/Updated* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
FW: Outpost Security Suite Pro *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Anna McManus\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ie/webhp?rls=ig
uInternet Connection Wizard,ShellNext = hxxp://www.google.ie/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: TV Bar 1.1 Toolbar: {a386d4b0-fddb-4e1c-ae61-4f014013cd9b} - c:\program files\tv_bar_1.1\prxtbTV_2.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: TV Bar 1.1 Toolbar: {a386d4b0-fddb-4e1c-ae61-4f014013cd9b} - c:\program files\tv_bar_1.1\prxtbTV_2.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.6209.1142\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: TV Bar 1.1 Toolbar: {a386d4b0-fddb-4e1c-ae61-4f014013cd9b} - c:\program files\tv_bar_1.1\prxtbTV_2.dll
TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [Google Update] "c:\documents and settings\anna mcmanus\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [OutpostMonitor] "c:\progra~1\agnitum\outpos~1\op_mon.exe" /tray /noservice
mRun: [OutpostFeedBack] "c:\program files\agnitum\outpost security suite free\feedback.exe" /dump:os_startup
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg111v3\WG111v3.exe
IE: &ieSpell Options - c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
IE: Check &Spelling - c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTM
IE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTM
IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {444785F1-DE89-4295-863A-D46C3A781394} - hxxp://webplayer.unity3d.com/download_webplayer-2.x/UnityWebPlayer.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1262022016343
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.67.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {2094D3C8-9017-48C6-9813-BCFE09227041} = 89.101.160.4,89.101.160.5,208.67.222.222
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\annamc~1\applic~1\mozilla\firefox\profiles\wzlavwzf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=10588
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ie/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=adbartrp&AF=10588&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: New Tab Homepage: {66E978CD-981F-47DF-AC42-E3CF417C1467} - %profile%\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}
FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: ImTranslator: {9AA46F4F-4DC7-4c06-97AF-5035170634FE} - %profile%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
FF - Ext: AlertStopper:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: Check All:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: CheckFox: {BAEC7B80-9A31-47b2-A68B-DCAC8DF48E87} - %profile%\extensions\{BAEC7B80-9A31-47b2-A68B-DCAC8DF48E87}
FF - Ext: Copy Link Text:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: Crash Report Helper: {078fac48-925f-4524-7cfe-85d44b8f4f98} - %profile%\extensions\{078fac48-925f-4524-7cfe-85d44b8f4f98}
FF - Ext: EAVE:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: Expiry Canary:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: Flash Killer:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: Ghostery:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: GoogleEnhancer: {21e48e29-f574-4619-b65d-0f00eea92e5b} - %profile%\extensions\{21e48e29-f574-4619-b65d-0f00eea92e5b}
FF - Ext: Keyboard Shortcuts:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: Kongregate Sidebar:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: Link Alert:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: LinkAndForminfo: {B71ACFF2-E436-4cc7-B5E3-0C8E2CC981BA} - %profile%\extensions\{B71ACFF2-E436-4cc7-B5E3-0C8E2CC981BA}
FF - Ext: Override Mozilla Firefox Guidance: omfg@olive - %profile%\extensions\omfg@olive
FF - Ext: PingMe: pingme@arcticfire - %profile%\extensions\pingme@arcticfire
FF - Ext: Privacy Plus:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: RightToClick: {cd617375-6743-4ee8-bac4-fbf10f35729e} - %profile%\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}
FF - Ext: SimilarWeb:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: Simple Links Counter:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: Site Information Tool: siteinfo@wmtips - %profile%\extensions\siteinfo@wmtips
FF - Ext: Tab Progress Bar:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: Test Extension:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: Trustpilot Guard: {736048c1-a1ec-4a70-b12b-1e399e79024e} - %profile%\extensions\{736048c1-a1ec-4a70-b12b-1e399e79024e}
FF - Ext: Verify Redirect:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: Wappalyzer:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: Personas:
[email protected] - %profile%\extensions\
[email protected]FF - Ext: Personas Rotator: {6e73f6b7-b9ab-44b8-b744-6393e3c2e351} - %profile%\extensions\{6e73f6b7-b9ab-44b8-b744-6393e3c2e351}
FF - Ext: Sidebar Companion for Google Sidewiki: {62f82eb5-4d65-4224-983b-a09ff8b172a6} - %profile%\extensions\{62f82eb5-4d65-4224-983b-a09ff8b172a6}
FF - Ext: Google Redesigned: {cc85cd4e-5a5b-4eda-a25c-bdaffa93b406} - %profile%\extensions\{cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}
FF - Ext: Google Minimalist: {64312dc5-3fc3-40d1-b183-0e4060fc52ac} - %profile%\extensions\{64312dc5-3fc3-40d1-b183-0e4060fc52ac}
FF - Ext: ChatZilla: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2} - %profile%\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Java Quick Starter:
[email protected] - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext
.
============= SERVICES / DRIVERS ===============
.
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [2011-4-19 34280]
R3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [2007-4-23 341504]
S1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [2011-4-19 708760]
S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
S2 acssrv;Agnitum Client Security Service;c:\progra~1\agnitum\outpos~1\acs.exe [2011-4-19 2072592]
S2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-4-14 14336]
S2 gupdate1ca8fbae50c76ae;Google Update Service (gupdate1ca8fbae50c76ae);c:\program files\google\update\GoogleUpdate.exe [2010-1-7 133104]
S3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [2011-4-19 267624]
S3 ASWFilt;ASWFilt;c:\windows\system32\filt\ASWFilt.dll [2011-4-19 70160]
S3 VBEngNT;VBEngNT;c:\windows\system32\drivers\VBEngNT.sys [2011-4-19 242040]
S3 VBFilt;VBFilt;c:\windows\system32\filt\VBFilt.dll [2011-4-19 34096]
.
=============== Created Last 30 ================
.
2011-04-28 10:45:53 -------- d-----w- C:\_OTL
2011-04-22 16:52:13 -------- d-----w- c:\program files\ESET
2011-04-22 14:41:37 -------- d-----w- C:\RootRepeal
2011-04-21 16:58:03 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-04-21 16:58:03 -------- d-----w- c:\windows\system32\wbem\Repository
2011-04-21 16:57:35 -------- d-----w- c:\docume~1\annamc~1\applic~1\PriceGong
2011-04-21 15:53:07 -------- d-----w- c:\windows\pss
2011-04-21 08:48:31 -------- d-----w- C:\commy
2011-04-19 19:49:33 242040 ----a-w- c:\windows\system32\drivers\VBEngNT.sys
2011-04-19 19:49:32 708760 ----a-w- c:\windows\system32\drivers\SandBox.sys
2011-04-19 19:49:14 267624 ----a-w- c:\windows\system32\drivers\afwcore.sys
2011-04-19 19:48:20 34280 ----a-w- c:\windows\system32\drivers\afw.sys
2011-04-19 19:48:01 -------- d-----w- c:\windows\system32\Filt
2011-04-19 19:48:01 -------- d-----w- c:\program files\Agnitum
2011-04-19 19:48:01 -------- d-----w- c:\docume~1\annamc~1\applic~1\Agnitum
2011-04-16 19:21:54 -------- d-----w- c:\docume~1\annamc~1\locals~1\applic~1\Opera
2011-04-15 15:52:13 -------- d-----w- c:\docume~1\annamc~1\locals~1\applic~1\PCHealth
.
==================== Find3M ====================
.
2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:06:29 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:06:29 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:06:29 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41:59 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33:55 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33:55 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 21:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 19:19:39 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
2006-05-03 11:06:54 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 12:47:16 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-03-16 14:30:52 216064 --sha-r- c:\windows\system32\nbDX.dll
.
============= FINISH: 12:02:17.04 ===============
Attach.txt:.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 15/12/2009 10:40:18
System Uptime: 28/04/2011 11:47:23 (1 hours ago)
.
Motherboard: Dell Inc. | | 0WG864
Processor: Intel(R) Pentium(R) D CPU 2.80GHz | Microprocessor | 2793/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 30 GiB total, 6.228 GiB free.
D: is FIXED (NTFS) - 107 GiB total, 90.447 GiB free.
E: is FIXED (NTFS) - 37 GiB total, 10.372 GiB free.
H: is FIXED (NTFS) - 6 GiB total, 1.546 GiB free.
R: is Removable
S: is Removable
T: is Removable
U: is Removable
V: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP242: 19/04/2011 19:36:51 - Agnitum Outpost Security Suite Free Restore Point: install
RP243: 19/04/2011 20:40:23 - Agnitum Outpost Security Suite Free Restore Point: uninstall
RP244: 19/04/2011 20:48:12 - Agnitum Outpost Security Suite Free Restore Point: install
RP245: 19/04/2011 21:09:17 - Software Distribution Service 3.0
RP246: 21/04/2011 17:57:21 - Restore Operation
.
==== Installed Programs ======================
.
.sol Editor 1.1.0.1
7-Zip 4.65
AbiWord 2.6.8
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Shockwave Player 11.5
AiO_Scan_CDA
AiOSoftwareNPI
Akamai NetSession Interface
Apple Application Support
Apple Mobile Device Support
Apple Software Update
µTorrent
Bonjour
BufferChm
CCleaner
Cheat Engine 5.6.1
CmdHere Powertoy For Windows XP
Compatibility Pack for the 2007 Office system
Conduit Engine
Conexant D850 56K V.9x DFVc Modem
CutePDF Writer 2.7
Destinations
DeviceManagementQFolder
DocProc
DocProcQFolder
e-Sword
ESET Online Scanner v3
F300
F300_Help
Fax_CDA
Foxit Reader
Free Realms Installer
GIMP 2.6.10
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Driver Diagnostics
HP Imaging Device Functions 7.0
HP Photosmart Essential
HP Photosmart, Officejet and Deskjet 7.0.A
HPPhotoSmartExpress
ieSpell
Image Resizer Powertoy for Windows XP
ImageMixer VCD/DVD2 for OLYMPUS
ImgBurn
InfraRecorder
InstantShareDevicesMFC
Intel(R) PRO Network Connections Drivers
iTunes
Japanese Language Support
Java Auto Updater
Java(TM) 6 Update 24
JPEG Lossless Rotator 6.4
Junk Mail filter update
Malwarebytes' Anti-Malware
Media Player Classic - Home Cinema v. 1.3.1249.0
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Live Add-in 1.5
Microsoft Office Outlook Connector
Microsoft Office Professional Edition 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
MobileMe Control Panel
Mozilla Firefox 4.0 (x86 en-GB)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NETGEAR WG111v3 wireless USB 2.0 adapter
NewCopy_CDA
NVIDIA Drivers
NVIDIA PhysX
OCR Software by I.R.I.S 7.0
OGA Notifier 2.0.0048.0
OLYMPUS Master
OpenAL
Outpost Security Suite 7.1.1
Pixillion Image Converter
ProductContextNPI
QuickTime
Readme
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Recuva
Revo Uninstaller 1.88
Scan
ScannerCopy
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SigmaTel Audio
Skype Toolbars
Skype 5.1
Status
Steam
SUPERAntiSpyware
Toolbox
Total Uninstall 5.6.1
TrayApp
TV Bar 1.1 Toolbar
Tweak UI
Unity Web Player
Universal Extractor 1.6
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB978506)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows Internet Explorer 8 (KB982664)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
v2011.build.46
VirtualCloneDrive
VoiceOver Kit
WebFldrs XP
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell(TM) 1.0
Windows PowerShell(TM) 1.0 MUI pack
Windows Rights Management Client Backwards Compatibility SP2
Windows Rights Management Client with Service Pack 2
Windows Search 4.0
Zune Desktop Theme
.
==== Event Viewer Messages From Past Week ========
.
25/04/2011 14:56:52, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service iPod Service with arguments "" in order to run the server: {7A7FB085-6068-4898-8CCA-480A9187277C}
25/04/2011 14:56:05, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\real\realplayer\plugins\rmxrend.dll. Reference error message: The operation completed successfully. .
24/04/2011 16:33:15, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference error message: The referenced assembly is not installed on your system. .
24/04/2011 16:33:15, error: SideBySide [59] - Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll. Reference error message: The operation completed successfully. .
24/04/2011 16:33:15, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.DebugCRT could not be found and Last Error was The referenced assembly is not installed on your system.
24/04/2011 15:30:43, error: Tcpip [4198] - The system detected an address conflict for IP address 192.168.1.4 with the system having network hardware address 7C:ED:8D:2C:15:CB. The local interface has been disabled.
23/04/2011 13:44:19, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
22/04/2011 21:53:15, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
22/04/2011 21:34:32, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service ntmssvc with arguments "-Service" in order to run the server: {D61A27C6-8F53-11D0-BFA0-00A024151983}
22/04/2011 15:38:35, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ElbyCDIO Fips intelppm prodrv06 SandBox SASDIFSV SASKUTIL
21/04/2011 20:17:28, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
21/04/2011 20:16:01, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avgio avipbb ElbyCDIO Fips intelppm prodrv06 SandBox SASDIFSV SASKUTIL ssmdrv
21/04/2011 19:39:36, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
21/04/2011 19:11:57, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
21/04/2011 18:59:13, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
.
==== End Of File ===========================