
Computer very slow, delay when clicking on anything, freezes at times.

Discussion in 'Virus & Other Malware Removal' started by ltdibo, Dec 29, 2012.

Thread Status:
Not open for further replies.
  1. ltdibo

    ltdibo Thread Starter

    Joined:
    Jul 15, 2006
    Messages:
    96
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\WINDOWS\vVX3000.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\PROGRA~1\TELEVI~2\bar\1.bin\64srchmn.exe
    C:\PROGRA~1\TELEVI~2\bar\1.bin\64brmon.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Documents and Settings\HP_Administrator\My Documents\Downloads\HijackThis(9).exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://aol.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: (no name) - {0696f815-a3a9-490a-bb14-9ec3350b1276} - C:\Program Files\TelevisionFanatic\bar\1.bin\64SrcAs.dll
    R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll
    O2 - BHO: CrossriderApp0005060 - {11111111-1111-1111-1111-110011501160} - C:\Program Files\Savings Sidekick\Savings Sidekick.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Search Assistant BHO - {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files\TelevisionFanatic\bar\1.bin\64SrcAs.dll
    O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll
    O2 - BHO: SpecialSavings - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files\SpecialSavings\SpecialSavingsSinged.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Smiley Bar for Facebook - {944FEDFD-C4FD-441D-8275-9C651A9FFBDE} - C:\Program Files\Smiley Bar for Facebook\ScriptHost.dll
    O2 - BHO: Toolbar BHO - {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\PROGRA~1\TELEVI~2\bar\1.bin\64bar.dll
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: TelevisionFanatic - {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll
    O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
    O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [TelevisionFanatic Search Scope Monitor] "C:\PROGRA~1\TELEVI~2\bar\1.bin\64srchmn.exe" /m=2 /w /h
    O4 - HKLM\..\Run: [TelevisionFanatic Browser Plugin Loader] C:\PROGRA~1\TELEVI~2\bar\1.bin\64brmon.exe
    O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
    O4 - HKCU\..\Run: [WROReminder] C:\Program Files\WinZip Registry Optimizer\Winzipro.exe -rem
    O4 - Startup: Copy (2) of HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &Search - http://tbedits.televisionfanatic.co...6028-4D4D-B286-EA9E03908DE0&n=2012100416&cv=1
    O9 - Extra button: SpecialSavings - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files\SpecialSavings\SpecialSavingsSinged.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_IN&c=64&bd=PRESARIO&pf=desktop
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1297316516031
    O16 - DPF: {F94859F2-3810-48FA-8403-0E163FD67CAD} (canvidplayer8ctrl Class) - https://video.globalwageringservice.com/canvid/canvidplayer8.cab
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Program Files\LSI SoftModem\agrsmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Updater Service (IBUpdaterService) - Unknown owner - C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: TelevisionFanaticService - COMPANYVERS_NAME - C:\PROGRA~1\TELEVI~2\bar\1.bin\64barsvc.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    --
    End of file - 8251 bytes

    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
    Processor: Intel(R) Atom(TM) CPU 230 @ 1.60GHz, x86 Family 6 Model 28 Stepping 2
    Processor Count: 2
    RAM: 1015 Mb
    Graphics Card: Intel(R) 82945G Express Chipset Family, 128 Mb
    Hard Drives: C: Total - 142592 MB, Free - 114240 MB; D: Total - 10017 MB, Free - 6486 MB;
    Motherboard: FOXCONN, CALI
    Antivirus: Microsoft Security Essentials, Updated: Yes, On-Demand Scanner: Enabled
     
  2. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    ltdibo,
    You have quite a few toolbars and other programs designed to hijack your preferences and take over much of your machine.
    With Windows XP, you will only have one or two ways to recover from infections, so you need to be very careful what toolbars and other programs you allow on the machine.
    -----------------------------------------------
    It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like µTorrent, Bittorrent, Azureus, Frostwire, Vuze, Shareaza, Bitlord.
    Criminals have "planted" thousands upon thousands of infections in the "free" shared files.
    Virtually all of these recent infections will compromise your Security, and some can turn your machine into a useless "doorstop".

    -----------------------------------------------------------
    Remove Programs Using Control Panel
    From Start, Settings, Control Panel or Start, Control Panel, click Add/Remove Programs.
    Highlight this Entry, if it exists, and choose Remove :

    uTorrent

    Take extra care in answering questions posed by any Uninstaller.
    -----------------------------------------------------------
    REBOOT (RESTART) Your Machine
    ---------------------------------------------
    Download the OTL Scanner
    Please download OTL.exe by OldTimer and save it to your desktop.
    If it ends up saving to your downloads folder go find it and copy it to your desktop.
    ---------------------------------------------
    Run a Scan with OTL
    • For WinXP, double click on the OTL icon to run it.
    • Check the boxes labeled :
      • Scan All Users
      • LOP check
      • Purity check
      • Extra Registry > Use SafeList
    • Make sure all other windows are closed to let it run uninterrupted.
    • Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so.
      When the scan starts, OTL may appear to be frozen while it runs. Please be patient.
    When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. (desktop)
    OTL.txt will be open on your desktop, and Extras.txt will be minimized in your taskbar.
    The Extras.txt file will only appear as a running Notepad document the very first time you run OTL.
    Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

    When I see the logs, we can get started removing the other undesirable programs.

    askey127
     
  3. ltdibo

    ltdibo Thread Starter

    Joined:
    Jul 15, 2006
    Messages:
    96
    OTL Extras logfile created on: 12/30/2012 10:58:35 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\HP_Administrator\My Documents\Downloads
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1015.23 Mb Total Physical Memory | 410.75 Mb Available Physical Memory | 40.46% Memory free
    2.39 Gb Paging File | 1.77 Gb Available in Paging File | 74.24% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 139.25 Gb Total Space | 111.52 Gb Free Space | 80.08% Space Free | Partition Type: NTFS
    Drive D: | 9.78 Gb Total Space | 6.33 Gb Free Space | 64.76% Space Free | Partition Type: NTFS

    Computer Name: FLORIDAHOME | User Name: HP_Administrator | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found
    .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

    [HKEY_USERS\S-1-5-21-2827858583-523947647-4037576017-1006\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    http [open] -- Reg Error: Key error.
    https [open] -- Reg Error: Key error.
    InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Hp\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\Hp\Digital Imaging\bin\hposid01.exe" = C:\Program Files\Hp\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\Hp\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
    "C:\Program Files\Hp\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\Hp\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
    "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\Hp\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\Hp\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\Hp\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\Hp\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe
    "C:\Program Files\Hp\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\Hp\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\Hp\HP Software Update\hpwucli.exe" = C:\Program Files\Hp\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe
    "C:\Program Files\Hp\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\Hp\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Hp\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\Hp\Digital Imaging\bin\hposid01.exe" = C:\Program Files\Hp\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\Hp\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
    "C:\Program Files\Hp\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\Hp\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
    "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\Hp\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\Hp\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\Hp\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\Hp\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\Hp\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
    "C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Disabled:Google Earth
    "C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer
    "C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer
    "C:\Documents and Settings\HP_Administrator\My Documents\Downloads\AA_v3.exe" = C:\Documents and Settings\HP_Administrator\My Documents\Downloads\AA_v3.exe:*:Enabled:Ammyy Admin -- ()
    "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
    "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
    "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
    "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
    "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink Recovery Manager
    "{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
    "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9DBCE8C7-FE94-4D8F-9FF0-38EF3D8BC99E}" = DJ_AIO_03_F4200_Software
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
    "{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
    "{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}" = DJ_AIO_03_F4200_Software_Min
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver 11.0 03
    "{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
    "{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
    "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie7" = Windows Internet Explorer 7
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft Security Client" = Microsoft Security Essentials
    "Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "PC-Doctor for Windows" = Hardware Diagnostic Tools
    "Savings Sidekick" = Savings Sidekick
    "Smiley Bar for Facebook" = Smiley Bar for Facebook
    "SpecialSavings" = SpecialSavings
    "TelevisionFanaticbar Uninstall" = TelevisionFanatic Toolbar
    "TomTom HOME" = TomTom HOME 2.7.6.2056
    "Updater Service" = Updater Service
    "uTorrent" = µTorrent
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "WinZip Registry Optimizer_is1" = WinZip Registry Optimizer
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "WSOP-USA.com" = WSOP-USA.com
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
    "YTdetect" = Yahoo! Detect

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2827858583-523947647-4037576017-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
    "Facebook Plug-In" = Facebook Plug-In

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 9/11/2012 10:29:21 PM | Computer Name = FLORIDAHOME | Source = Application Hang | ID = 1002
    Description = Hanging application rundll32.exe, version 5.1.2600.5512, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 9/12/2012 6:16:20 PM | Computer Name = FLORIDAHOME | Source = Application Hang | ID = 1002
    Description = Hanging application rundll32.exe, version 5.1.2600.5512, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 9/13/2012 1:05:01 PM | Computer Name = FLORIDAHOME | Source = Application Hang | ID = 1002
    Description = Hanging application firefox.exe, version 14.0.1.4577, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 9/13/2012 1:05:03 PM | Computer Name = FLORIDAHOME | Source = Application Hang | ID = 1002
    Description = Hanging application firefox.exe, version 14.0.1.4577, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 9/30/2012 11:15:45 AM | Computer Name = FLORIDAHOME | Source = Application Hang | ID = 1002
    Description = Hanging application firefox.exe, version 15.0.1.4631, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 9/30/2012 4:09:28 PM | Computer Name = FLORIDAHOME | Source = Application Hang | ID = 1002
    Description = Hanging application firefox.exe, version 15.0.1.4631, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 10/1/2012 1:31:21 PM | Computer Name = FLORIDAHOME | Source = Application Hang | ID = 1002
    Description = Hanging application firefox.exe, version 15.0.1.4631, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 10/1/2012 1:31:25 PM | Computer Name = FLORIDAHOME | Source = Application Error | ID = 1000
    Description = Faulting application plugin-container.exe, version 15.0.1.4631, faulting
    module mozalloc.dll, version 15.0.1.4631, fault address 0x00001993.

    Error - 10/4/2012 3:03:16 PM | Computer Name = FLORIDAHOME | Source = Application Hang | ID = 1002
    Description = Hanging application firefox.exe, version 15.0.1.4631, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 10/9/2012 6:48:34 PM | Computer Name = FLORIDAHOME | Source = Application Hang | ID = 1002
    Description = Hanging application firefox.exe, version 15.0.1.4631, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    [ System Events ]
    Error - 12/21/2012 4:19:42 AM | Computer Name = FLORIDAHOME | Source = Service Control Manager | ID = 7022
    Description = The HP CUE DeviceDiscovery Service service hung on starting.

    Error - 12/23/2012 3:21:07 AM | Computer Name = FLORIDAHOME | Source = Disk | ID = 262151
    Description = The device, \Device\Harddisk0\D, has a bad block.

    Error - 12/23/2012 3:21:28 AM | Computer Name = FLORIDAHOME | Source = Disk | ID = 262151
    Description = The device, \Device\Harddisk0\D, has a bad block.

    Error - 12/23/2012 3:22:04 AM | Computer Name = FLORIDAHOME | Source = Disk | ID = 262151
    Description = The device, \Device\Harddisk0\D, has a bad block.

    Error - 12/23/2012 10:57:31 AM | Computer Name = FLORIDAHOME | Source = Service Control Manager | ID = 7022
    Description = The HP CUE DeviceDiscovery Service service hung on starting.

    Error - 12/28/2012 4:41:14 PM | Computer Name = FLORIDAHOME | Source = Service Control Manager | ID = 7022
    Description = The HP CUE DeviceDiscovery Service service hung on starting.

    Error - 12/30/2012 2:59:44 AM | Computer Name = FLORIDAHOME | Source = Disk | ID = 262151
    Description = The device, \Device\Harddisk0\D, has a bad block.

    Error - 12/30/2012 3:00:00 AM | Computer Name = FLORIDAHOME | Source = Disk | ID = 262151
    Description = The device, \Device\Harddisk0\D, has a bad block.

    Error - 12/30/2012 3:00:15 AM | Computer Name = FLORIDAHOME | Source = Disk | ID = 262151
    Description = The device, \Device\Harddisk0\D, has a bad block.

    Error - 12/30/2012 11:35:20 AM | Computer Name = FLORIDAHOME | Source = Service Control Manager | ID = 7022
    Description = The HP CUE DeviceDiscovery Service service hung on starting.


    < End of report >

    OTL logfile created on: 12/30/2012 10:58:35 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\HP_Administrator\My Documents\Downloads
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1015.23 Mb Total Physical Memory | 410.75 Mb Available Physical Memory | 40.46% Memory free
    2.39 Gb Paging File | 1.77 Gb Available in Paging File | 74.24% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 139.25 Gb Total Space | 111.52 Gb Free Space | 80.08% Space Free | Partition Type: NTFS
    Drive D: | 9.78 Gb Total Space | 6.33 Gb Free Space | 64.76% Space Free | Partition Type: NTFS

    Computer Name: FLORIDAHOME | User Name: HP_Administrator | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/12/30 10:55:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads\OTL.exe
    PRC - [2012/12/05 04:47:39 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2012/11/22 13:39:45 | 004,763,008 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    PRC - [2012/10/12 10:39:56 | 000,548,832 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe
    PRC - [2012/09/16 11:05:57 | 000,042,536 | ---- | M] (MindSpark) -- C:\Program Files\TelevisionFanatic\bar\1.bin\64SrchMn.exe
    PRC - [2012/09/16 11:05:55 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files\TelevisionFanatic\bar\1.bin\64brmon.exe
    PRC - [2012/09/13 10:14:53 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    PRC - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
    PRC - [2012/09/12 16:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
    PRC - [2010/08/24 04:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    PRC - [2010/08/24 04:38:16 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    PRC - [2009/06/26 17:21:00 | 000,757,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX3000.exe
    PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/12/17 17:37:18 | 000,020,296 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}\components\mailcount.dll
    MOD - [2012/12/12 07:32:36 | 014,586,296 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll
    MOD - [2012/12/05 04:46:27 | 002,397,152 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
    MOD - [2012/11/28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012/11/28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2012/10/12 10:39:56 | 000,548,832 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe


    ========== Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
    SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2012/12/12 07:32:40 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012/12/05 04:47:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012/10/12 10:39:56 | 000,548,832 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
    SRV - [2012/09/16 11:05:55 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Stopped] -- C:\Program Files\TelevisionFanatic\bar\1.bin\64barsvc.exe -- (TelevisionFanaticService)
    SRV - [2012/09/13 10:14:53 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
    SRV - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV - [2010/08/24 04:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
    SRV - [2008/08/26 01:02:24 | 000,014,336 | ---- | M] (Agere Systems) [On_Demand | Stopped] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
    DRV - [2012/12/30 02:00:16 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5350F52A-86DF-4893-91AD-00B83D47E0DD}\MpKsl39d43a2f.sys -- (MpKsl39d43a2f)
    DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2009/06/26 17:21:02 | 001,956,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX3000.sys -- (VX3000)
    DRV - [2008/11/03 15:16:06 | 000,712,704 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86)
    DRV - [2008/10/29 02:43:44 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
    DRV - [2008/10/26 16:48:00 | 004,881,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
    DRV - [2008/08/07 06:14:56 | 000,111,360 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPfox000&ptnrS=XPfox000&ptb=182D341D-6028-4D4D-B286-EA9E03908DE0&psa=&ind=2012100416&st=sb&n=77ee3740&searchfor={searchTerms}


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_IN&c=64&bd=PRESARIO&pf=desktop

    IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_IN&c=64&bd=PRESARIO&pf=desktop

    IE - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aol.com/
    IE - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.glupy.com
    IE - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\..\URLSearchHook: {0696f815-a3a9-490a-bb14-9ec3350b1276} - No CLSID value found
    IE - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
    IE - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPfox000&ptnrS=XPfox000&ptb=182D341D-6028-4D4D-B286-EA9E03908DE0&psa=&ind=2012100416&st=sb&n=77ee3740&searchfor={searchTerms}
    IE - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468
    IE - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "AOL Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.aol.com/search/search?q={searchTerms}&s_it=customfirefoxright-ff&s_qt=sb&tb_uuid=20121130150724354&tb_oid=30-11-2012&tb_mrud=20-12-2012"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://home.mywebsearch.com/index.jhtml?ptb=9691DECE-CB92-4171-8F3F-4A643C29B096&n=77ee6876&p2=^UX^xdm002^S03900^us&si=CPOP58Wl97MCFQWonQodJy8AYA"
    FF - prefs.js..extensions.enabledAddons: %7B7affbfae-c4e2-4915-8c0f-00fa3ec610a1%7D:5.74.1.9081
    FF - prefs.js..extensions.enabledAddons: %7B7473b6bd-4691-4744-a82b-7854eb3d70b6%7D:10.13.40.15
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: [email protected]:1.0
    FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
    FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&s_qt=ab&s_it=customfirefoxright-ff&tb_uuid=20121130150724354&tb_oid=30-11-2012&tb_mrud=20-12-2012&q="
    FF - prefs.js..network.proxy.type: 1


    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@TelevisionFanatic.com/Plugin: C:\Program Files\TelevisionFanatic\bar\1.bin\NP64Stub.dll (MindSpark)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Documents and Settings\HP_Administrator\Application Data\Facebook\npfbplugin_1_0_1.dll ( )
    FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\HP_Administrator\Application Data\Facebook\npfbplugin_1_0_3.dll ( )

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\TelevisionFanatic\bar\1.bin [2012/12/01 19:41:56 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected] [2012/10/12 10:45:48 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/05 04:47:41 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/05 04:46:13 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected] [2012/10/12 10:45:48 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles/5h0k0juf.default\extensions\[email protected] [2012/10/29 14:04:04 | 000,000,000 | ---D | M]

    [2012/10/12 10:45:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions
    [2010/12/31 12:43:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]tomtom.com
    [2012/10/12 10:45:48 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]
    [2012/12/24 01:24:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions
    [2010/07/22 15:24:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2012/12/24 01:25:01 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
    [2012/12/20 17:24:14 | 000,000,000 | ---D | M] ("AOL Toolbar") -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
    [2012/10/29 14:04:04 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\[email protected]
    [2012/03/27 15:20:24 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\[email protected]
    [2012/12/01 19:58:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\jetpack\[email protected]
    [2012/12/01 19:58:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\jetpack\[email protected]\simple-storage
    [2012/12/06 22:35:57 | 000,490,701 | ---- | M] () (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\[email protected]
    [2012/11/30 13:23:18 | 000,009,635 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\searchplugins\my-web-search.xml
    [2012/12/05 04:46:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2012/12/05 04:46:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}-trash
    [2012/12/05 04:46:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
    [2012/12/05 04:46:12 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
    [2012/12/05 04:47:40 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2012/10/12 19:35:10 | 000,092,584 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
    [2012/03/05 12:26:12 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
    [2012/10/12 19:35:11 | 000,092,584 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
    [2012/12/05 04:46:21 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012/12/05 04:46:21 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

    ========== Chrome ==========

    CHR - Extension: No name found = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.1.1_0\
    CHR - Extension: No name found = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1374_0\
    CHR - Extension: No name found = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

    O1 HOSTS File: ([2011/02/09 22:42:44 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Savings Sidekick) - {11111111-1111-1111-1111-110011501160} - C:\Program Files\Savings Sidekick\Savings Sidekick.dll (215 Apps)
    O2 - BHO: (Search Assistant BHO) - {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files\TelevisionFanatic\bar\1.bin\64SrcAs.dll (MindSpark)
    O2 - BHO: (SpecialSavings) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Smiley Bar for Facebook) - {944FEDFD-C4FD-441D-8275-9C651A9FFBDE} - C:\Program Files\Smiley Bar for Facebook\ScriptHost.dll (Status Winks)
    O2 - BHO: (Toolbar BHO) - {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)
    O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    O3 - HKLM\..\Toolbar: (TelevisionFanatic) - {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)
    O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\..\Toolbar\WebBrowser: (TelevisionFanatic) - {C98D5B61-B0EA-4D48-9839-1079D352D880} - C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)
    O3 - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [TelevisionFanatic Browser Plugin Loader] C:\Program Files\TelevisionFanatic\bar\1.bin\64brmon.exe (VER_COMPANY_NAME)
    O4 - HKLM..\Run: [TelevisionFanatic Search Scope Monitor] C:\Program Files\TelevisionFanatic\bar\1.bin\64SrchMn.exe (MindSpark)
    O4 - HKLM..\Run: [VX3000] C:\WINDOWS\vVX3000.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-2827858583-523947647-4037576017-1006..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
    O4 - HKU\S-1-5-21-2827858583-523947647-4037576017-1006..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
    O4 - HKU\S-1-5-21-2827858583-523947647-4037576017-1006..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
    O4 - HKU\S-1-5-21-2827858583-523947647-4037576017-1006..\Run: [WROReminder] C:\Program Files\WinZip Registry Optimizer\Winzipro.exe (WinZip Computing, S.L. (WinZip Computing))
    O4 - Startup: C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\Copy (2) of HP Digital Imaging Monitor.lnk = File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: &Search - http://tbedits.televisionfanatic.co...6028-4D4D-B286-EA9E03908DE0&n=2012100416&cv=1 File not found
    O9 - Extra Button: SpecialSavings - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1297316516031 (MUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {F94859F2-3810-48FA-8403-0E163FD67CAD} https://video.globalwageringservice.com/canvid/canvidplayer8.cab (canvidplayer8ctrl Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F3387B9-730B-4C10-8F65-A221C49C125E}: DhcpNameServer = 65.32.5.111 65.32.5.112
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/01/22 12:35:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/12/24 01:25:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\CRE
    [2012/12/24 01:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
    [2012/12/24 01:24:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Nico Mak Computing
    [2012/12/24 01:24:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Conduit
    [2012/12/24 01:23:59 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip Registry Optimizer
    [2012/12/24 01:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
    [2012/12/24 01:23:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\uTorrent
    [2012/12/18 01:13:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Apple Computer
    [2012/12/18 01:13:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Apple Computer
    [2012/12/18 01:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
    [2012/12/18 01:12:05 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2012/12/18 01:11:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2012/12/18 01:11:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2012/12/18 01:11:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2012/12/18 01:11:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Apple
    [2012/12/18 01:11:23 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2012/12/18 01:11:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
    [2012/12/18 01:10:34 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2012/12/18 01:10:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
    [2012/12/18 01:10:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
    [2012/12/05 04:46:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2012/12/01 19:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\SpecialSavings
    [2012/12/01 19:42:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\SpecialSavings
    [2012/12/01 19:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\Coupons
    [2012/12/01 19:42:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Coupons
    [2012/12/01 19:41:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\AskToolbar
    [2012/12/01 19:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
    [2012/12/01 19:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Savings Sidekick
    [2012/12/01 19:41:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Savings Sidekick
    [2012/12/01 19:41:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\TelevisionFanatic
    [2012/12/01 19:41:53 | 000,000,000 | ---D | C] -- C:\Program Files\TelevisionFanatic
    [2012/12/01 19:41:46 | 000,000,000 | ---D | C] -- C:\Program Files\Smiley Bar for Facebook
    [2012/12/01 19:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService
    [2012/12/01 19:33:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService(3)

    ========== Files - Modified Within 30 Days ==========

    [2012/12/30 10:43:51 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
    [2012/12/30 10:33:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2012/12/30 10:32:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2012/12/29 15:02:26 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\Registry Optimizer_DEFAULT.job
    [2012/12/28 10:56:59 | 004,493,997 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Christmas card 2012.JPG
    [2012/12/26 01:24:22 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\Registry Optimizer_UPDATES.job
    [2012/12/25 14:46:27 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2012/12/24 01:24:17 | 000,000,807 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WinZip Registry Optimizer.lnk
    [2012/12/24 01:23:58 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
    [2012/12/21 03:17:47 | 000,130,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2012/12/18 01:29:13 | 000,020,732 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
    [2012/12/18 01:13:17 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2012/12/16 07:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
    [2012/12/16 07:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
    [2012/12/12 20:03:42 | 000,305,950 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\nanas house to lisa 001.jpg
    [2012/12/12 20:02:30 | 000,444,497 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\nanas house to lisa.jpg
    [2012/12/12 07:32:40 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
    [2012/12/12 07:32:40 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
    [2012/12/12 03:06:16 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2012/12/12 01:54:59 | 000,093,275 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\-Amy's Thesis-College.rtf
    [2012/12/07 19:18:25 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
    [2012/12/01 19:07:13 | 000,432,838 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2012/12/01 19:07:13 | 000,067,794 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

    ========== Files Created - No Company Name ==========

    [2012/12/28 10:56:55 | 004,493,997 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Christmas card 2012.JPG
    [2012/12/24 01:24:34 | 000,000,306 | ---- | C] () -- C:\WINDOWS\tasks\Registry Optimizer_DEFAULT.job
    [2012/12/24 01:24:33 | 000,000,314 | ---- | C] () -- C:\WINDOWS\tasks\Registry Optimizer_UPDATES.job
    [2012/12/24 01:24:17 | 000,000,807 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WinZip Registry Optimizer.lnk
    [2012/12/24 01:23:58 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
    [2012/12/18 01:29:13 | 000,020,732 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [
     
  4. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    ltdibo,
    -----------------------------------------------------------
    Remove Programs Using Control Panel
    From Start, Settings, Control Panel or Start, Control Panel, click Add/Remove Programs.
    Highlight each Entry, as follows, one by one, if it exists, and choose Remove:

    Ask Toolbar Updater
    Ask Toolbar
    Coupon Printer for Windows
    Savings Sidekick
    Smiley Bar for Facebook
    TelevisionFanatic Toolbar
    WinZip Registry Optimizer

    Take extra care in answering questions posed by any Uninstaller.
    -----------------------------------------------------------

    REBOOT (RESTART) Your Machine

    ----------------------------------------------
    Perform a Custom Fix with OTL
    Run OTL (Double Click in Windows XP)
    • In the Custom Scans/Fixes box at the bottom, paste in all the following lines from the Code box (Do not include the word "Code"):
      Code:
      :Commands
      [CREATERESTOREPOINT]
      
      :processes
      killallprocesses
      
      :OTL
      SRV - [2012/09/16 11:05:55 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Stopped] -- C:\Program Files\TelevisionFanatic\bar\1.bin\64barsvc.exe -- (TelevisionFanaticService)
      IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPfox000&ptnrS=XPfox000&ptb=182D341D-6028-4D4D-B286-EA9E03908DE0&psa=&ind=2012100416&st=sb&n=77ee3740&searchfor={searchTerms}
      IE - HKLM\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
      IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...RIO&pf=desktop
      IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...RIO&pf=desktop
      IE - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\..\URLSearchHook: {0696f815-a3a9-490a-bb14-9ec3350b1276} - No CLSID value found
      IE - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
      IE - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
      IE - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPfox000&ptnrS=XPfox000&ptb=182D341D-6028-4D4D-B286-EA9E03908DE0&psa=&ind=2012100416&st=sb&n=77ee3740&searchfor={searchTerms}
      IE - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468
      IE - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
      FF - prefs.js..extensions.enabledAddons: %7B7473b6bd-4691-4744-a82b-7854eb3d70b6%7D:10.13.40.15
      FF - HKLM\Software\MozillaPlugins\@TelevisionFanatic.com/Plugin: C:\Program Files\TelevisionFanatic\bar\1.bin\NP64Stub.dll (MindSpark)
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected] Fanatic.com: C:\Program Files\TelevisionFanatic\bar\1.bin [2012/12/01 19:41:56 | 000,000,000 | ---D | M]
      [2012/10/12 10:45:48 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]
      [2012/10/12 10:45:48 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]
      [2012/12/24 01:25:01 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
      O2 - BHO: (Savings Sidekick) - {11111111-1111-1111-1111-110011501160} - C:\Program Files\Savings Sidekick\Savings Sidekick.dll (215 Apps)
      O2 - BHO: (Search Assistant BHO) - {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files\TelevisionFanatic\bar\1.bin\64SrcAs.dll (MindSpark)
      O2 - BHO: (Smiley Bar for Facebook) - {944FEDFD-C4FD-441D-8275-9C651A9FFBDE} - C:\Program Files\Smiley Bar for Facebook\ScriptHost.dll (Status Winks)
      O2 - BHO: (Toolbar BHO) - {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)
      O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
      O3 - HKLM\..\Toolbar: (TelevisionFanatic) - {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)
      O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
      O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
      O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
      O3 - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\..\Toolbar\WebBrowser: (TelevisionFanatic) - {C98D5B61-B0EA-4D48-9839-1079D352D880} - C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)
      O3 - HKU\S-1-5-21-2827858583-523947647-4037576017-1006\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
      O4 - HKLM..\Run: [] File not found
      O4 - HKLM..\Run: [TelevisionFanatic Browser Plugin Loader] C:\Program Files\TelevisionFanatic\bar\1.bin\64brmon.exe (VER_COMPANY_NAME)
      O4 - HKLM..\Run: [TelevisionFanatic Search Scope Monitor] C:\Program Files\TelevisionFanatic\bar\1.bin\64SrchMn.exe (MindSpark)
      O4 - HKU\S-1-5-21-2827858583-523947647-4037576017-1006..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
      O8 - Extra context menu item: &Search - http://tbedits.televisionfanatic.com...012100416&cv=1 File not found
      
      :Files
      C:\Program Files\TelevisionFanatic
      C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Conduit
      C:\Program Files\Conduit
      C:\Documents and Settings\HP_Administrator\Application Data\uTorrent
      C:\Program Files\Savings Sidekick
      C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Savings Sidekick
      C:\Documents and Settings\HP_Administrator\Application Data\TelevisionFanatic
      C:\Program Files\TelevisionFanatic
      C:\Program Files\Smiley Bar for Facebook
      C:\WINDOWS\tasks\Registry Optimizer_DEFAULT.job
      C:\WINDOWS\tasks\Registry Optimizer_UPDATES.job
      C:\Documents and Settings\All Users\Desktop\WinZip Registry Optimizer.lnk
      ipconfig /flushdns /c
      
      :Commands
      [PURITY]
      [emptyjava]
      [emptyflash] 
      [EMPTYTEMP]
      
    • Then click the Run Fix button at the top.
    • Let the program run unhindered, and click to allow the Reboot when it is done.
      When the computer Reboots, and you start your usual account, a Notepad text file will appear.
    • Copy the contents of that file and post it in your next reply.
      The file will also be available and named by timestamp here: C:\_OTL\Moved Files\mmddyyyy_hhmmss.log
    ----------------------------------------------
    After posting the Resulting log, Please Rescan as follows:
    Open OTL again and click the Quick Scan button. Post the new log it produces, OTL.txt, in your next reply.

    So we are looking for the log produced by the "fix", and the log from a new Quick Scan.
    Feel free to post them as separate replies.
    askey127
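Triage for the fix log requested above, as an added example that is not part of the original thread or of OTL: it buckets each log line by outcome and collapses the folders deferred to reboot to their outermost parent, which is the path to look for in the follow-up Quick Scan. The message patterns follow the log wording seen in this thread; the function names and status labels are assumptions of this example.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# Lines excerpted from the fix log posted in this thread (sample input).
SAMPLE_LOG = r"""All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== PROCESSES ==========
========== OTL ==========
Error: No service named TelevisionFanaticService was found to stop!
Service\Driver key TelevisionFanaticService not found.
File C:\Program Files\TelevisionFanatic\bar\1.bin\64barsvc.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Prefs.js: %7B7473b6bd-4691-4744-a82b-7854eb3d70b6%7D:10.13.40.15 removed from extensions.enabledAddons
C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\lib folder moved successfully.
Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.
"""

SECTION = re.compile(r"^=+\s*(.+?)\s*=+$")

# Ordered rules, first match wins. Status labels are this example's own.
RULES = [
    # The thread shows the "Folder move failed." prefix; the prefix is optional here.
    ("pending_reboot", re.compile(
        r"^(?:\w+ move failed\.\s+)?(?P<t>.+?) scheduled to be moved on reboot\.$")),
    ("error", re.compile(r"^Error:\s*(?P<t>.+)$")),
    ("done", re.compile(r"^(?P<t>.+?) (?:folder |file )?moved successfully\.$")),
    ("done", re.compile(
        r"^(?:Registry (?:key|value) )?(?P<t>.+?) deleted successfully\.$")),
    ("done", re.compile(r"^(?P<t>.+?)\| /E : value set successfully!$")),
    ("done", re.compile(r"^Prefs\.js: (?P<t>.+?) removed from .+$")),
    # "not found" usually means an earlier uninstall already removed the item.
    ("absent", re.compile(
        r"^(?:Registry (?:key|value)|Service\\Driver key|File|Folder)\s+"
        r"(?P<t>.+?) not found\.$")),
]


def classify(line):
    """Return (status, target) for one fix-log line."""
    for status, pattern in RULES:
        m = pattern.match(line)
        if m:
            return status, m.group("t")
    return "other", line


def summarize(log_text):
    """Bucket every non-header line as status -> [(section, target), ...]."""
    section, buckets = None, defaultdict(list)
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION.match(line)
        if header:
            section = header.group(1)
            continue
        status, target = classify(line)
        buckets[status].append((section, target))
    return dict(buckets)


def outermost(paths):
    """Drop any path that lies under another path in the list.

    PureWindowsPath compares case-insensitively, matching Windows semantics.
    """
    ordered = sorted({PureWindowsPath(p) for p in paths},
                     key=lambda p: len(p.parts))
    keep = []
    for p in ordered:
        if not any(k == p or k in p.parents for k in keep):
            keep.append(p)
    return [str(p) for p in keep]


if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    for status in ("error", "pending_reboot", "absent", "done", "other"):
        print(f"{status:15} {len(result.get(status, []))}")
    print("Verify after reboot:")
    for path in outermost(t for _, t in result.get("pending_reboot", [])):
        print("  " + path)
```

Anything still listed under `pending_reboot` that reappears in the next Quick Scan log was not moved at reboot and needs another pass.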
     
  5. ltdibo

    ltdibo Thread Starter

    Joined:
    Jul 15, 2006
    Messages:
    96
    All processes killed
    ========== COMMANDS ==========
    Restore point Set: OTL Restore Point
    ========== PROCESSES ==========
    ========== OTL ==========
    Error: No service named TelevisionFanaticService was found to stop!
    Service\Driver key TelevisionFanaticService not found.
    File C:\Program Files\TelevisionFanatic\bar\1.bin\64barsvc.exe not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}\ not found.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
    HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
    Registry value HKEY_USERS\S-1-5-21-2827858583-523947647-4037576017-1006\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0696f815-a3a9-490a-bb14-9ec3350b1276} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0696f815-a3a9-490a-bb14-9ec3350b1276}\ not found.
    HKEY_USERS\S-1-5-21-2827858583-523947647-4037576017-1006\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_USERS\S-1-5-21-2827858583-523947647-4037576017-1006\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_USERS\S-1-5-21-2827858583-523947647-4037576017-1006\Software\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}\ not found.
    Registry key HKEY_USERS\S-1-5-21-2827858583-523947647-4037576017-1006\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
    HKU\S-1-5-21-2827858583-523947647-4037576017-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
    Prefs.js: %7B7473b6bd-4691-4744-a82b-7854eb3d70b6%7D:10.13.40.15 removed from extensions.enabledAddons
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@TelevisionFanatic.com/Plugin\ not found.
    File C:\Program Files\TelevisionFanatic\bar\1.bin\NP64Stub.dll not found.
    Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected] Fanatic.com not found.
    File C:\Program Files\TelevisionFanatic\bar\1.bin not found.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]\chrome\skin folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]\chrome\content\mz folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]\chrome\content folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]\chrome folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected] folder moved successfully.
    Folder C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]\ not found.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\Plugins folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\modules folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\META-INF folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\lib folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults\preferences folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\sl folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\lib\jquery.alerts\images folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\lib\jquery.alerts folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\lib folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\core folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\js folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\css folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\resources folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\js folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\img folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\script folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\resources folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\js folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\Css folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer\js folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\404 folder moved successfully.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\js folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\img folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\css folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\img folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\css folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gadgetFrame folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd\images folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp\spsd\images folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp\spsd folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp\spbd\images folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp\spbd folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp\js folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js\resources folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\images folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\css folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\msd folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js\resources folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\api folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\res folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\css folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\js folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\images folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox folder moved successfully.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} scheduled to be moved on reboot.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011501160}\ not found.
    File C:\Program Files\Savings Sidekick\Savings Sidekick.dll not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5d79f641-c168-40df-a32f-bacea7509e75}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5d79f641-c168-40df-a32f-bacea7509e75}\ not found.
    File C:\Program Files\TelevisionFanatic\bar\1.bin\64SrcAs.dll not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}\ not found.
    File C:\Program Files\Smiley Bar for Facebook\ScriptHost.dll not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cb41fc95-f1b3-4797-8bb6-1012ff62abba}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cb41fc95-f1b3-4797-8bb6-1012ff62abba}\ not found.
    File C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
    File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c98d5b61-b0ea-4d48-9839-1079d352d880} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c98d5b61-b0ea-4d48-9839-1079d352d880}\ not found.
    File C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
    File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
    Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
    Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
    Registry value HKEY_USERS\S-1-5-21-2827858583-523947647-4037576017-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C98D5B61-B0EA-4D48-9839-1079D352D880} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C98D5B61-B0EA-4D48-9839-1079D352D880}\ not found.
    File C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll not found.
    Registry value HKEY_USERS\S-1-5-21-2827858583-523947647-4037576017-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
    File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TelevisionFanatic Browser Plugin Loader not found.
    File C:\Program Files\TelevisionFanatic\bar\1.bin\64brmon.exe not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TelevisionFanatic Search Scope Monitor not found.
    File C:\Program Files\TelevisionFanatic\bar\1.bin\64SrchMn.exe not found.
    Registry value HKEY_USERS\S-1-5-21-2827858583-523947647-4037576017-1006\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
    C:\Program Files\uTorrent\uTorrent.exe moved successfully.
    Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Search\ deleted successfully.
    ========== FILES ==========
    File\Folder C:\Program Files\TelevisionFanatic not found.
    C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Conduit\Community Alerts\Log folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Conduit\Community Alerts folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Conduit folder moved successfully.
    C:\Program Files\Conduit\Community Alerts folder moved successfully.
    C:\Program Files\Conduit folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\uTorrent\dlimagecache folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\uTorrent\Cache folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\uTorrent\apps folder moved successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\uTorrent folder moved successfully.
    File\Folder C:\Program Files\Savings Sidekick not found.
    File\Folder C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Savings Sidekick not found.
    File\Folder C:\Documents and Settings\HP_Administrator\Application Data\TelevisionFanatic not found.
    File\Folder C:\Program Files\TelevisionFanatic not found.
    File\Folder C:\Program Files\Smiley Bar for Facebook not found.
    C:\WINDOWS\tasks\Registry Optimizer_DEFAULT.job moved successfully.
    C:\WINDOWS\tasks\Registry Optimizer_UPDATES.job moved successfully.
    File\Folder C:\Documents and Settings\All Users\Desktop\WinZip Registry Optimizer.lnk not found.
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Documents and Settings\HP_Administrator\My Documents\Downloads\cmd.bat deleted successfully.
    C:\Documents and Settings\HP_Administrator\My Documents\Downloads\cmd.txt deleted successfully.
    ========== COMMANDS ==========

    [EMPTYJAVA]

    User: All Users

    User: Default User

    User: HP_Administrator
    ->Java cache emptied: 209831 bytes

    User: LocalService
    ->Java cache emptied: 0 bytes

    User: NetworkService

    Total Java Files Cleaned = 0.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default User

    User: HP_Administrator
    ->Flash cache emptied: 1644 bytes

    User: LocalService
    ->Flash cache emptied: 0 bytes

    User: NetworkService

    Total Flash Files Cleaned = 0.00 mb


    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: HP_Administrator
    ->Temp folder emptied: 940528407 bytes
    ->Temporary Internet Files folder emptied: 113335052 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 77683938 bytes
    ->Google Chrome cache emptied: 27970472 bytes
    ->Flash cache emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: NetworkService
    ->Temp folder emptied: 912046 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 6887697 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 372178082 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 969740 bytes

    Total Files Cleaned = 1,469.00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 12302012_142545

    Files\Folders moved on Reboot...
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} scheduled to be moved on reboot.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
     
  6. ltdibo

    ltdibo Thread Starter

    Joined:
    Jul 15, 2006
    Messages:
    96
    OTL logfile created on: 12/30/2012 2:40:30 PM - Run 2

    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\HP_Administrator\My Documents\Downloads
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1015.23 Mb Total Physical Memory | 428.86 Mb Available Physical Memory | 42.24% Memory free
    2.39 Gb Paging File | 1.80 Gb Available in Paging File | 75.32% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 139.25 Gb Total Space | 113.11 Gb Free Space | 81.23% Space Free | Partition Type: NTFS
    Drive D: | 9.78 Gb Total Space | 6.33 Gb Free Space | 64.76% Space Free | Partition Type: NTFS

    Computer Name: FLORIDAHOME | User Name: HP_Administrator | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/12/30 10:55:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads\OTL.exe
    PRC - [2012/12/05 04:47:39 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2012/11/22 13:39:45 | 004,763,008 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    PRC - [2012/10/12 10:39:56 | 000,548,832 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe
    PRC - [2012/09/13 10:14:53 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    PRC - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
    PRC - [2012/09/12 16:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
    PRC - [2010/08/24 04:38:16 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    PRC - [2009/06/26 17:21:00 | 000,757,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX3000.exe
    PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/12/17 17:37:18 | 000,020,296 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}\components\mailcount.dll
    MOD - [2012/12/12 07:32:36 | 014,586,296 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll
    MOD - [2012/12/05 04:46:27 | 002,397,152 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
    MOD - [2012/11/28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012/11/28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2012/10/12 10:39:56 | 000,548,832 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe


    ========== Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
    SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2012/12/12 07:32:40 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012/12/05 04:47:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012/10/12 10:39:56 | 000,548,832 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
    SRV - [2012/09/13 10:14:53 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
    SRV - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV - [2008/08/26 01:02:24 | 000,014,336 | ---- | M] (Agere Systems) [On_Demand | Stopped] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
    DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2009/06/26 17:21:02 | 001,956,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX3000.sys -- (VX3000)
    DRV - [2008/11/03 15:16:06 | 000,712,704 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86)
    DRV - [2008/10/29 02:43:44 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
    DRV - [2008/10/26 16:48:00 | 004,881,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
    DRV - [2008/08/07 06:14:56 | 000,111,360 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aol.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.glupy.com
    IE - HKCU\..\SearchScopes,DefaultScope =
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "AOL Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.aol.com/search/search?q={searchTerms}&s_it=customfirefoxright-ff&s_qt=sb&tb_uuid=20121130150724354&tb_oid=30-11-2012&tb_mrud=20-12-2012"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://home.mywebsearch.com/index.jhtml?ptb=9691DECE-CB92-4171-8F3F-4A643C29B096&n=77ee6876&p2=^UX^xdm002^S03900^us&si=CPOP58Wl97MCFQWonQodJy8AYA"
    FF - prefs.js..extensions.enabledAddons: %7B7affbfae-c4e2-4915-8c0f-00fa3ec610a1%7D:5.74.1.9081
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1


    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Documents and Settings\HP_Administrator\Application Data\Facebook\npfbplugin_1_0_1.dll ( )
    FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\HP_Administrator\Application Data\Facebook\npfbplugin_1_0_3.dll ( )

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/05 04:47:41 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/05 04:46:13 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles/5h0k0juf.default\extensions\[email protected] [2012/10/29 14:04:04 | 000,000,000 | ---D | M]

    [2012/12/30 14:26:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions
    [2010/12/31 12:43:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]
    [2012/12/30 14:33:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions
    [2010/07/22 15:24:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2012/12/20 17:24:14 | 000,000,000 | ---D | M] ("AOL Toolbar") -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
    [2012/10/29 14:04:04 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\[email protected]
    [2012/03/27 15:20:24 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\[email protected]
    [2012/12/01 19:58:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\jetpack\[email protected]
    [2012/12/01 19:58:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\jetpack\[email protected]\simple-storage
    [2012/12/06 22:35:57 | 000,490,701 | ---- | M] () (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\[email protected]
    [2012/11/30 13:23:18 | 000,009,635 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\searchplugins\my-web-search.xml
    [2012/12/05 04:46:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2012/12/05 04:46:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}-trash
    [2012/12/05 04:46:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
    [2012/12/05 04:46:12 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
    [2012/12/05 04:47:40 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2012/10/12 19:35:10 | 000,092,584 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
    [2012/03/05 12:26:12 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
    [2012/10/12 19:35:11 | 000,092,584 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
    [2012/12/05 04:46:21 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012/12/05 04:46:21 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

    ========== Chrome ==========

    CHR - Extension: No name found = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.1.1_0\
    CHR - Extension: No name found = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1374_0\
    CHR - Extension: No name found = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

    O1 HOSTS File: ([2011/02/09 22:42:44 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [VX3000] C:\WINDOWS\vVX3000.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
    O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
    O4 - Startup: C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\Copy (2) of HP Digital Imaging Monitor.lnk = File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1297316516031 (MUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {F94859F2-3810-48FA-8403-0E163FD67CAD} https://video.globalwageringservice.com/canvid/canvidplayer8.cab (canvidplayer8ctrl Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F3387B9-730B-4C10-8F65-A221C49C125E}: DhcpNameServer = 65.32.5.111 65.32.5.112
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/01/22 12:35:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/12/30 14:25:45 | 000,000,000 | ---D | C] -- C:\_OTL
    [2012/12/24 01:25:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\CRE
    [2012/12/24 01:24:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Nico Mak Computing
    [2012/12/24 01:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
    [2012/12/18 01:13:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Apple Computer
    [2012/12/18 01:13:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Apple Computer
    [2012/12/18 01:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
    [2012/12/18 01:12:05 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2012/12/18 01:11:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2012/12/18 01:11:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2012/12/18 01:11:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2012/12/18 01:11:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Apple
    [2012/12/18 01:11:23 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2012/12/18 01:11:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
    [2012/12/18 01:10:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
    [2012/12/18 01:10:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
    [2012/12/05 04:46:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2012/12/01 19:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\Coupons
    [2012/12/01 19:42:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Coupons
    [2012/12/01 19:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService
    [2012/12/01 19:33:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService(3)

    ========== Files - Modified Within 30 Days ==========

    [2012/12/30 14:39:45 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
    [2012/12/30 14:32:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2012/12/30 14:29:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2012/12/28 10:56:59 | 004,493,997 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Christmas card 2012.JPG
    [2012/12/25 14:46:27 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2012/12/24 01:23:58 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
    [2012/12/21 03:17:47 | 000,130,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2012/12/18 01:29:13 | 000,020,732 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
    [2012/12/18 01:13:17 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2012/12/12 20:03:42 | 000,305,950 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\nanas house to lisa 001.jpg
    [2012/12/12 20:02:30 | 000,444,497 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\nanas house to lisa.jpg
    [2012/12/12 03:06:16 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2012/12/12 01:54:59 | 000,093,275 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\-Amy's Thesis-College.rtf
    [2012/12/07 19:18:25 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
    [2012/12/01 19:07:13 | 000,432,838 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2012/12/01 19:07:13 | 000,067,794 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

    ========== Files Created - No Company Name ==========

    [2012/12/28 10:56:55 | 004,493,997 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Christmas card 2012.JPG
    [2012/12/24 01:23:58 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
    [2012/12/18 01:29:13 | 000,020,732 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2012/12/18 01:13:17 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2012/12/18 01:11:27 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
    [2012/12/12 20:03:23 | 000,305,950 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\nanas house to lisa 001.jpg
    [2012/12/12 20:02:12 | 000,444,497 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\nanas house to lisa.jpg
    [2012/12/12 01:54:59 | 000,093,275 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\-Amy's Thesis-College.rtf
    [2012/03/04 11:01:57 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012/02/14 19:09:36 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2011/02/09 22:29:23 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2011/02/09 22:29:23 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2011/02/09 22:29:23 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2011/02/09 22:29:23 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2011/02/09 22:29:23 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2010/05/10 10:57:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\prvlcl.dat
    [2010/01/29 23:13:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Ÿ9Ÿ9

    ========== ZeroAccess Check ==========

    [2009/01/20 20:54:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll -- [2009/12/22 00:21:02 | 001,509,888 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2012/12/18 01:13:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2012/11/20 20:54:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AMMYY
    [2012/03/05 12:27:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
    [2011/05/11 11:30:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
    [2010/11/19 12:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Boost
    [2012/12/01 19:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService
    [2012/12/01 19:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService(3)
    [2012/03/05 17:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
    [2009/01/20 20:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC-Doctor
    [2011/01/21 19:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
    [2010/12/31 12:44:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:0B4227B4

    < End of report >
     
  7. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    ltdibo,
    (As an aside, best not to ever run Combofix on your own).

    A few things to do here. Down the home stretch.
    Just take one step at a time.
    -----------------------------------------------------------
    Remove Programs Using Control Panel
    From Start, Settings, Control Panel or Start, Control Panel, click Add/Remove Programs.
    Highlight each Entry, as follows, one by one, if it exists, and choose Remove:

    Java(TM) 6 Update 31

    Take extra care in answering questions posed by any Uninstaller.
    -----------------------------------------------------------
    REBOOT (RESTART) Your Machine
    -----------------------------------------------------------
    Download the Internet Explorer 8 Installer, save to your desktop, and Double Click to install Internet Explorer 8.
    It's here: https://www.microsoft.com/en-us/download/details.aspx?id=43
    -----------------------------------------------------------
    REBOOT (RESTART) Your Machine Again
    ------------------------------------------------------------
    Download and Install the latest version of Java Runtime Environment from here: http://www.oracle.com/technetwork/java/javase/downloads/index.html, and install it to your computer.
    Under Java Platform, Standard Edition, labeled Java SE 7 Update 10, click on the button labeled JRE Download. Do NOT choose the button labeled "JDK Download". If it won't allow you to get past the "Agree to the license" dialog, you will need to set your browser to temporarily allow scripts.
    Check the button to agree to the license.
    Select the link for your Platform, jre-7u10-windows-i586.exe for 32-bit, and click it.
    Download it, choose Save, and save it to your desktop.
    Then double-click it on your desktop, and it will install the newest version of Java for you to use.

    During installation, be certain to Uncheck and Refuse any offer for "partner software" or toolbars.
    When it finishes, you can remove the Installer from your desktop.
    ----------------------------------------------
    Perform a Custom Fix with OTL
    Run OTL
    • In the Custom Scans/Fixes box at the bottom, paste in the following lines from the Code box (Do not include the word "Code"):
      Code:
      :Commands
      [CREATERESTOREPOINT]
      
      :processes
      killallprocesses
      
      :OTL
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.glupy.com
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin
      [2012/10/29 14:04:04 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\[email protected] perfish.com
      [2012/11/30 13:23:18 | 000,009,635 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\searchplugins\my-web-search.xml
      [2012/10/12 19:35:10 | 000,092,584 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
      [2012/10/12 19:35:11 | 000,092,584 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
      
      :Files
      C:\Documents and Settings\All Users\Application Data\Temp
      ipconfig /flushdns /c
      
      :Commands
      [EMPTYTEMP]
      [CLEARALLRESTOREPOINTS]
      
    • Then click the Run Fix button at the top.
    • Let the program run unhindered, and click to allow the Reboot when it is done.
      When the computer Reboots, and you start your usual account, a Notepad text file will appear.
    • You can ignore that file this time.
    ----------------------------------------------
    Please Rescan as follows:
    Open OTL again and click the Quick Scan button. Post the new log it produces, OTL.txt, in your next reply.

    Tell me how it's running.
    askey127
     
  8. ltdibo

    ltdibo Thread Starter

    Joined:
    Jul 15, 2006
    Messages:
    96
    A few things....I could not remove "coupon printer for windows"...when I tried to remove it I got the response "invalid uninstaller control file".....Computer is definitely faster and responding better...I don't seem to be getting the delay now when I click an item with the mouse..I was getting like a 5 second delay before we made these changes... I will have one more question once you review the below file and we make final adjustments, if any.... that has to do with configuring a mobile hot spot from my phone and pc...don't know if that's your area of expertise


    OTL logfile created on: 12/31/2012 1:12:10 PM - Run 3
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\HP_Administrator\My Documents\Downloads
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1015.23 Mb Total Physical Memory | 604.83 Mb Available Physical Memory | 59.58% Memory free
    2.39 Gb Paging File | 1.97 Gb Available in Paging File | 82.53% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 139.25 Gb Total Space | 116.46 Gb Free Space | 83.63% Space Free | Partition Type: NTFS
    Drive D: | 9.78 Gb Total Space | 6.33 Gb Free Space | 64.76% Space Free | Partition Type: NTFS

    Computer Name: FLORIDAHOME | User Name: HP_Administrator | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/12/31 13:01:07 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
    PRC - [2012/12/30 10:55:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads\OTL.exe
    PRC - [2012/11/22 13:39:45 | 004,763,008 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    PRC - [2012/10/12 10:39:56 | 000,548,832 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe
    PRC - [2012/09/13 10:14:53 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    PRC - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
    PRC - [2012/09/12 16:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
    PRC - [2010/08/24 04:38:16 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    PRC - [2009/06/26 17:21:00 | 000,757,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX3000.exe
    PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/11/28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012/11/28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2012/10/12 10:39:56 | 000,548,832 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe


    ========== Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
    SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2012/12/31 13:01:07 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
    SRV - [2012/12/12 07:32:40 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012/12/05 04:47:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012/10/12 10:39:56 | 000,548,832 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
    SRV - [2012/09/13 10:14:53 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
    SRV - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV - [2008/08/26 01:02:24 | 000,014,336 | ---- | M] (Agere Systems) [On_Demand | Stopped] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
    DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2009/06/26 17:21:02 | 001,956,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX3000.sys -- (VX3000)
    DRV - [2008/11/03 15:16:06 | 000,712,704 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86)
    DRV - [2008/10/29 02:43:44 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
    DRV - [2008/10/26 16:48:00 | 004,881,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
    DRV - [2008/08/07 06:14:56 | 000,111,360 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aol.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore =
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "AOL Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.aol.com/search/search?q={searchTerms}&s_it=customfirefoxright-ff&s_qt=sb&tb_uuid=20121130150724354&tb_oid=30-11-2012&tb_mrud=20-12-2012"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://home.mywebsearch.com/index.jhtml?ptb=9691DECE-CB92-4171-8F3F-4A643C29B096&n=77ee6876&p2=^UX^xdm002^S03900^us&si=CPOP58Wl97MCFQWonQodJy8AYA"
    FF - prefs.js..extensions.enabledAddons: %7B7affbfae-c4e2-4915-8c0f-00fa3ec610a1%7D:5.74.1.9081
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1


    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Documents and Settings\HP_Administrator\Application Data\Facebook\npfbplugin_1_0_1.dll ( )
    FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\HP_Administrator\Application Data\Facebook\npfbplugin_1_0_3.dll ( )

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/05 04:47:41 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/31 13:05:35 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles/5h0k0juf.default\extensions\[email protected] [2012/10/29 14:04:04 | 000,000,000 | ---D | M]

    [2012/12/30 14:26:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions
    [2010/12/31 12:43:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]
    [2012/12/30 14:33:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions
    [2010/07/22 15:24:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2012/12/20 17:24:14 | 000,000,000 | ---D | M] ("AOL Toolbar") -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
    [2012/10/29 14:04:04 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\[email protected]
    [2012/03/27 15:20:24 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\[email protected]
    [2012/12/01 19:58:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\jetpack\[email protected]
    [2012/12/01 19:58:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\jetpack\[email protected]\simple-storage
    [2012/12/06 22:35:57 | 000,490,701 | ---- | M] () (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\[email protected]
    [2012/12/05 04:46:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2012/12/05 04:46:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}-trash
    [2012/12/05 04:46:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
    [2012/12/05 04:46:12 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
    [2012/12/05 04:47:40 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2012/12/05 04:46:21 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012/12/05 04:46:21 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

    ========== Chrome ==========

    CHR - Extension: No name found = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.1.1_0\
    CHR - Extension: No name found = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1374_0\
    CHR - Extension: No name found = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

    O1 HOSTS File: ([2011/02/09 22:42:44 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [VX3000] C:\WINDOWS\vVX3000.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
    O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
    O4 - Startup: C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\Copy (2) of HP Digital Imaging Monitor.lnk = File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1356974269687 (MUWebControl Class)
    O16 - DPF: {F94859F2-3810-48FA-8403-0E163FD67CAD} https://video.globalwageringservice.com/canvid/canvidplayer8.cab (canvidplayer8ctrl Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F3387B9-730B-4C10-8F65-A221C49C125E}: DhcpNameServer = 65.32.5.111 65.32.5.112
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/01/22 12:35:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/12/31 13:13:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Sun
    [2012/12/31 13:01:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2012/12/31 13:00:48 | 000,000,000 | ---D | C] -- C:\Program Files\Java
    [2012/12/31 12:13:49 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\HP_Administrator\PrivacIE
    [2012/12/31 12:11:46 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\HP_Administrator\IETldCache
    [2012/12/31 12:07:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
    [2012/12/31 12:03:20 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
    [2012/12/30 14:25:45 | 000,000,000 | ---D | C] -- C:\_OTL
    [2012/12/24 01:25:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\CRE
    [2012/12/24 01:24:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Nico Mak Computing
    [2012/12/24 01:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
    [2012/12/18 01:13:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Apple Computer
    [2012/12/18 01:13:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Apple Computer
    [2012/12/18 01:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
    [2012/12/18 01:12:05 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2012/12/18 01:11:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2012/12/18 01:11:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2012/12/18 01:11:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2012/12/18 01:11:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Apple
    [2012/12/18 01:11:23 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2012/12/18 01:11:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
    [2012/12/18 01:10:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
    [2012/12/18 01:10:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
    [2012/12/05 04:46:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2012/12/01 19:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\Coupons
    [2012/12/01 19:42:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Coupons
    [2012/12/01 19:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService
    [2012/12/01 19:33:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService(3)

    ========== Files - Modified Within 30 Days ==========

    [2012/12/31 13:17:50 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
    [2012/12/31 13:07:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2012/12/31 12:32:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2012/12/31 12:24:07 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2012/12/31 12:19:40 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2012/12/31 12:11:52 | 000,000,821 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2012/12/28 10:56:59 | 004,493,997 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Christmas card 2012.JPG
    [2012/12/24 01:23:58 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
    [2012/12/21 03:17:47 | 000,130,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2012/12/18 01:29:13 | 000,020,732 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
    [2012/12/18 01:13:17 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2012/12/12 20:03:42 | 000,305,950 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\nanas house to lisa 001.jpg
    [2012/12/12 20:02:30 | 000,444,497 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\nanas house to lisa.jpg
    [2012/12/12 01:54:59 | 000,093,275 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\-Amy's Thesis-College.rtf
    [2012/12/07 19:18:25 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
    [2012/12/01 19:07:13 | 000,432,838 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2012/12/01 19:07:13 | 000,067,794 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

    ========== Files Created - No Company Name ==========

    [2012/12/28 10:56:55 | 004,493,997 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Christmas card 2012.JPG
    [2012/12/24 01:23:58 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
    [2012/12/18 01:29:13 | 000,020,732 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2012/12/18 01:13:17 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2012/12/18 01:11:27 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
    [2012/12/12 20:03:23 | 000,305,950 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\nanas house to lisa 001.jpg
    [2012/12/12 20:02:12 | 000,444,497 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\nanas house to lisa.jpg
    [2012/12/12 01:54:59 | 000,093,275 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\-Amy's Thesis-College.rtf
    [2012/03/04 11:01:57 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012/02/14 19:09:36 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2011/02/09 22:29:23 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2011/02/09 22:29:23 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2011/02/09 22:29:23 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2011/02/09 22:29:23 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2011/02/09 22:29:23 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2010/05/10 10:57:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\prvlcl.dat
    [2010/01/29 23:13:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Ÿ9Ÿ9

    ========== ZeroAccess Check ==========

    [2009/01/20 20:54:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll -- [2009/12/22 00:21:02 | 001,509,888 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2012/12/18 01:13:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2012/11/20 20:54:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AMMYY
    [2012/03/05 12:27:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
    [2011/05/11 11:30:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
    [2010/11/19 12:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Boost
    [2012/12/01 19:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService
    [2012/12/01 19:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService(3)
    [2012/03/05 17:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
    [2009/01/20 20:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC-Doctor
    [2010/12/31 12:44:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom

    ========== Purity Check ==========



    < End of report >
     
  9. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    ltdibo,
    Looking Better. Happy New Year.
    ----------------------------------------------
    Perform a Custom Fix with OTL
    Run OTL (Right click and choose "Run as administrator" in Vista/Win7)
    • In the Custom Scans/Fixes box at the bottom, paste in the following lines from the Code box (Do not include the word "Code"):
      Code:
      :Commands
      [CREATERESTOREPOINT]
      
      :OTL
      FF - prefs.js..browser.startup.homepage: "http://home.mywebsearch.com/index.jhtml?ptb=9691DECE-CB92-4171-8F3F-4A643C29B096&n=77ee6876&p2=^UX^xdm002^S03900^us&si=CPOP58Wl97MCFQWonQodJy8AYA"
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected] nks: C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected] fish.com: C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles/5h0k0juf.default\extensions\[email protected] [2012/10/29 14:04:04 | 000,000,000 | ---D | M]
      [2012/10/29 14:04:04 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5h0k0juf.default\extensions\[email protected] perfish.com
      
      :Files
      C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
      C:\Documents and Settings\All Users\Application Data\AVG2012
      ipconfig /flushdns /c
      
      :Commands
      [EMPTYTEMP]
      
    • Then click the Run Fix button at the top.
    • Let the program run unhindered, and click to allow the Reboot when it is done.
      When the computer Reboots, and you start your usual account, a Notepad text file will appear.
    • You can ignore the FIX log this time.
    ---------------------------------------------
    Let's find the Coupon Printer adware so we can remove it.
    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1 (32-bit)
    Download Mirror #2 (32-bit)


    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
      Code:
      :filefind
      *coupon*
      
      :folderfind 
      *coupon*
      :regfind
      coupon /s
      
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The results log can also be found on your Desktop, entitled SystemLook.txt

    askey127
     
  10. ltdibo

    ltdibo Thread Starter

    Joined:
    Jul 15, 2006
    Messages:
    96
    Happy New Year and thanks for the help...definitely better....

    SystemLook 30.07.11 by jpshortstuff
    Log created at 10:30 on 01/01/2013 by HP_Administrator
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "*coupon*"
    C:\Documents and Settings\All Users\Start Menu\Programs\Coupons\Coupons.com - Print Coupons.lnk --a---- 1578 bytes [01:32 11/11/2012] [01:32 11/11/2012] 92F325D70E266F7B12EA7C9D73048D27
    C:\Documents and Settings\All Users\Start Menu\Programs\Coupons\Uninstall Coupon Printer for Windows.lnk --a---- 1730 bytes [01:32 11/11/2012] [01:32 11/11/2012] 38135970A4B7E0E137E6A0282C2189A6
    C:\Documents and Settings\HP_Administrator\My Documents\Downloads\couponprinter.exe --a---- 1300384 bytes [01:30 11/11/2012] [01:30 11/11/2012] D117BB801E7CF29143F38DF3C8313449
    C:\Program Files\Coupons\Coupons.ico --a---- 894 bytes [05:25 30/01/2012] [18:17 17/09/2009] 861AD65D02FEBF60CE0E82E34E0A76B5
    C:\WINDOWS\CouponPrinter.ocx --a---- 72104 bytes [05:25 30/01/2012] [00:35 13/10/2012] 72298BF8678FCD70040284822D4D88FC
    C:\_OTL\MovedFiles\12312012_130515\C_Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll --a---- 92584 bytes [09:46 05/12/2012] [00:35 13/10/2012] B98C1ACD3A64F52FB34B91CEB5898219
    C:\_OTL\MovedFiles\12312012_130515\C_Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll --a---- 92584 bytes [09:46 05/12/2012] [00:35 13/10/2012] 8C8726855ACD6A3BB1770D5210ED547F

    ========== folderfind ==========

    Searching for "*coupon*"
    C:\Documents and Settings\All Users\Start Menu\Programs\Coupons d------ [00:42 02/12/2012]
    C:\Program Files\Coupons d------ [00:42 02/12/2012]

    ========== regfind ==========

    Searching for "coupon /s"
    No data found.

    -= EOF =-
     
  11. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    ltdibo,
    In general, going forward, be reluctant to add any free programs unless they are really vital to you.
    That is especially true of toolbars, or of any other "Security" programs.
    Almost all toolbars are for the benefit of the purveyor, not you.
    I would uninstall the AOL toolbar as well, but that's your call.

    Now let's get rid of the Coupon Printer:
    ----------------------------------------------
    Perform a Custom Fix with OTL
    Run OTL (Right click and choose "Run as administrator" in Vista/Win7)
    • In the Custom Scans/Fixes box at the bottom, paste in the following lines from the Code box (Do not include the word "Code"):
      Code:
      :Commands
      [CREATERESTOREPOINT]
      
      :Files
      C:\Documents and Settings\All Users\Start Menu\Programs\Coupons
      C:\Program Files\Coupons
      C:\Documents and Settings\All Users\Start Menu\Programs\Coupons\Coupons.com - Print Coupons.lnk
      C:\Documents and Settings\HP_Administrator\My Documents\Downloads\couponprinter.exe
      C:\WINDOWS\CouponPrinter.ocx
      ipconfig /flushdns /c
      
      :Commands
      [EMPTYTEMP]
      [CLEARALLRESTOREPOINTS]
      
    • Then click the Run Fix button at the top.
    • Let the program run unhindered, and click to allow the Reboot when it is done.
      When the computer Reboots, and you start your usual account, a Notepad text file will appear.
    • You can Ignore the FIX log this time
    ----------------------------------------------

    If you open OTL.exe one more time, and click on the Clean UP button, it will remove itself and most other tools we used.

    Unless there are any other questions, you should be good to go.
    askey127
     
  12. ltdibo

    ltdibo Thread Starter

    Joined:
    Jul 15, 2006
    Messages:
    96
    Askey....Great job thanks so much, I will mark this problem solved...computer is much better...I have an older model computer and it's imperative I keep it running at optimum speed.
    I may have my cable company take it down to the slower speed to save some money.
    What do you think? Is the slower speed not good or doesn't it really matter that much?

    My final question...How do I configure my Verizon cell phone's "mobile hot spot" to my pc, in the event I want to get rid of cable provided wireless altogether...have any idea? If not, where can I go to find out how to do it?..Thanks again...DiBo
     
  13. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    ltdibo
    The main difference in cable "speeds" will be for large downloads, or for displaying web pages with lots of pictures.
    It won't have much to do with the machine speed.

    Be aware that phone wireless may charge by the data minutes or Mb. used. It tends to be much more expensive than Cable. Cable is only wireless between you and your wireless router.
    The main difference is whether you need Internet coverage in many locations, or whether you just need Internet coverage at home and hot spots.

    Sorry I can't help with info on how to configure your phone. Only Verizon can help with explaining that. I would try their web site and see what tutorials or FAQs they might have.
    askey
     
Short URL to this thread: https://techguy.org/1082868
