WiredWX Hobby Weather ToolsLog in

 


think point virus

2 posters

descriptionthink point virus Emptythink point virus4th November 2010, 7:15 am

more_horiz
Downloaded the antimalware software but it hasn't worked properly on my computer. The message (MBAM_ERROR_UPDATING (12007,0,WinHttpSendRequest)) just comes up at the end and it said it cleaned the files but the virus won't go away even after restarting or shutting down the computer.

Here are the files as requested:
OTL logfile created on: 11/4/2010 12:31:36 PM - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = D:\Personal\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 83.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 512 1024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29.30 Gb Total Space | 22.25 Gb Free Space | 75.95% Space Free | Partition Type: NTFS
Drive D: | 75.02 Gb Total Space | 74.40 Gb Free Space | 99.18% Space Free | Partition Type: NTFS
Drive E: | 42.94 Gb Total Space | 42.89 Gb Free Space | 99.87% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: CFYY001751 | User Name: abc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/04 12:29:14 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Personal\Desktop\OTL.com
PRC - [2004/08/04 04:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/11/04 12:29:14 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Personal\Desktop\OTL.com
MOD - [2006/08/25 08:45:56 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)


========== Driver Services (SafeList) ==========

DRV - [2009/05/24 23:21:28 | 000,142,336 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/11/02 17:46:34 | 006,273,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007/10/02 00:32:14 | 004,613,120 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/01/07 16:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/08/03 14:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 172.*.*;<local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 172.19.0.8:6000



O1 HOSTS File: ([2004/08/04 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O9 - Extra Button: PowerWord - {9A687CA6-D585-4947-9ED9-BE96071F5CD9} - C:\Program Files\Kingsoft\Powerword 2003\XDictExB.dll (金山软件股份有限公司)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.19.0.1
O18 - Protocol\Handler\dic {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - C:\Program Files\Kingsoft\Powerword 2003\XDictExB.dll (金山软件股份有限公司)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Documents and Settings\abc\Application Data\hotfix.exe) - C:\Documents and Settings\abc\Application Data\hotfix.exe ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/25 11:46:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{82f2a96c-5a2c-11df-8ff4-e13a25a4bbd1}\Shell - "" = AutoRun
O33 - MountPoints2\{82f2a96c-5a2c-11df-8ff4-e13a25a4bbd1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{82f2a96d-5a2c-11df-8ff4-e13a25a4bbd1}\Shell - "" = AutoRun
O33 - MountPoints2\{82f2a96d-5a2c-11df-8ff4-e13a25a4bbd1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{82f2a96e-5a2c-11df-8ff4-e13a25a4bbd1}\Shell - "" = AutoRun
O33 - MountPoints2\{82f2a96e-5a2c-11df-8ff4-e13a25a4bbd1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{82f2a96f-5a2c-11df-8ff4-e13a25a4bbd1}\Shell - "" = AutoRun
O33 - MountPoints2\{82f2a96f-5a2c-11df-8ff4-e13a25a4bbd1}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: LanmanServer - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: LanmanServer - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4b218e3e-bc98-4770-93d3-2731b9329278} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

========== Files/Folders - Created Within 30 Days ==========

[2010/11/04 12:29:07 | 000,576,000 | ---- | C] (OldTimer Tools) -- D:\Personal\Desktop\OTL.com
[2010/11/04 12:16:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/11/04 12:16:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/11/04 12:16:18 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/11/04 12:16:18 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/11/04 12:16:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/11/04 12:16:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/11/04 12:16:18 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/11/04 12:16:11 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/11/04 12:15:26 | 016,074,528 | ---- | C] (Sun Microsystems, Inc.) -- D:\Personal\Desktop\jre-6u22-windows-i586.exe
[2010/11/04 10:25:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\abc\Application Data\Malwarebytes
[2010/11/04 10:25:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/04 10:25:23 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/04 10:25:23 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/11/04 10:25:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/11/04 10:24:08 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- D:\Personal\Desktop\mbam-setup-1.46.exe
[2010/11/04 10:17:23 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010/10/11 12:07:44 | 000,000,000 | ---D | C] -- C:\MkBk2010
[2010/10/11 12:07:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/12 14:02:03 | 000,075,776 | ---- | M] () -- D:\My Documents\Countries of Africa.doc
[2010/11/06 12:43:09 | 000,040,448 | ---- | M] () -- D:\My Documents\outwardappearance.doc
[2010/11/06 12:41:17 | 000,026,624 | ---- | M] () -- D:\My Documents\dog.doc
[2010/11/06 11:26:54 | 000,148,838 | ---- | M] () -- D:\My Documents\LiteraryElements.pdf
[2010/11/06 10:59:43 | 000,030,720 | ---- | M] () -- D:\My Documents\practicetest.doc
[2010/11/05 16:31:38 | 000,040,448 | ---- | M] () -- D:\My Documents\Scrap.shs
[2010/11/05 09:20:48 | 000,305,648 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/05 09:20:48 | 000,037,964 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/04 15:05:19 | 002,526,720 | ---- | M] () -- D:\My Documents\movieposters.doc
[2010/11/04 12:31:27 | 000,156,329 | ---- | M] () -- D:\Personal\Desktop\JavaRa.zip
[2010/11/04 12:29:14 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Personal\Desktop\OTL.com
[2010/11/04 12:16:13 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/11/04 12:16:13 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/11/04 12:16:13 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/11/04 12:16:13 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/11/04 12:16:13 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/11/04 12:15:42 | 016,074,528 | ---- | M] (Sun Microsystems, Inc.) -- D:\Personal\Desktop\jre-6u22-windows-i586.exe
[2010/11/04 11:49:11 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/11/04 11:49:10 | 2111,098,880 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/04 11:49:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/04 11:40:38 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\abc\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/11/04 11:40:24 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- D:\Personal\Desktop\mbam-setup-1.46.exe
[2010/11/04 11:36:15 | 000,023,552 | ---- | M] () -- D:\My Documents\HALLOWEEN2010events.doc
[2010/11/04 11:22:36 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\abc\Application Data\completescan
[2010/11/04 11:09:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/11/04 10:35:48 | 000,000,701 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/04 10:32:16 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/11/04 10:12:19 | 000,748,544 | ---- | M] () -- D:\My Documents\Follow these instructions.doc
[2010/11/04 10:11:28 | 000,026,112 | ---- | M] () -- D:\My Documents\MESOPOTAMIA in your group.doc
[2010/11/04 09:12:36 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\abc\Application Data\start
[2010/11/04 09:00:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/04 08:59:43 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\abc\Application Data\install
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/11/04 08:58:20 | 000,522,240 | ---- | M] () -- C:\Documents and Settings\abc\Application Data\hotfix.exe
[2010/11/04 08:58:20 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\abc\Application Data\dkfjasdfshd.bat
[2010/11/03 15:34:38 | 000,034,816 | ---- | M] () -- D:\My Documents\vocabtest8.doc
[2010/11/03 15:34:07 | 000,049,152 | ---- | M] () -- D:\My Documents\Vocabulary Quiz.doc
[2010/11/03 14:42:38 | 000,020,480 | ---- | M] () -- D:\My Documents\INTRODUCTION TO GEOGRAPHY NOTES.doc
[2010/11/03 13:08:47 | 000,024,576 | ---- | M] () -- D:\My Documents\GEOGRAPHY.doc
[2010/11/03 12:27:59 | 000,026,112 | ---- | M] () -- D:\My Documents\HALLOWEEN 2010.doc
[2010/11/03 11:08:10 | 000,020,480 | ---- | M] () -- D:\My Documents\Internal or External Quiz.doc
[2010/11/03 11:08:05 | 000,029,696 | ---- | M] () -- D:\My Documents\Types of Conflict-quiz.doc
[2010/11/03 10:08:04 | 000,035,328 | ---- | M] () -- D:\My Documents\Stone Age materials.doc
[2010/11/03 09:57:19 | 000,025,600 | ---- | M] () -- D:\My Documents\Easter Island.doc
[2010/11/03 08:58:09 | 001,158,656 | ---- | M] () -- D:\My Documents\Conflict.ppt
[2010/11/03 08:54:46 | 000,390,656 | ---- | M] () -- D:\My Documents\littermsppt.ppt
[2010/11/03 08:50:35 | 001,350,144 | ---- | M] () -- D:\My Documents\EarlyHumans.ppt
[2010/11/03 08:05:04 | 000,081,920 | ---- | M] () -- D:\My Documents\africa.doc
[2010/11/02 15:26:08 | 000,024,064 | ---- | M] () -- D:\My Documents\vocabwallprint.doc
[2010/11/02 14:51:59 | 000,027,648 | ---- | M] () -- D:\My Documents\COPY.doc
[2010/11/02 11:38:45 | 000,002,375 | ---- | M] () -- D:\Personal\Desktop\Microsoft Office Word 2003.lnk
[2010/11/02 08:51:58 | 000,129,999 | ---- | M] () -- D:\My Documents\code_of_conduct.pdf
[2010/11/01 14:38:36 | 000,025,600 | ---- | M] () -- D:\My Documents\Vocabulary words.doc
[2010/11/01 13:05:49 | 002,870,272 | ---- | M] () -- D:\My Documents\famouswomen.ppt
[2010/11/01 11:15:12 | 000,025,600 | ---- | M] () -- D:\My Documents\Characterization exercises.doc
[2010/10/29 15:03:01 | 022,727,680 | ---- | M] () -- D:\My Documents\nonfiction pictures.doc
[2010/10/29 14:38:51 | 000,024,576 | ---- | M] () -- D:\My Documents\halloweenvan.doc
[2010/10/29 12:45:08 | 000,024,576 | ---- | M] () -- D:\My Documents\testnov4th.doc
[2010/10/22 14:19:15 | 000,101,417 | ---- | M] () -- D:\My Documents\DeweyDetail.pdf
[2010/10/22 13:13:54 | 000,024,576 | ---- | M] () -- D:\My Documents\JOBS.doc
[2010/10/22 12:57:19 | 001,735,680 | ---- | M] () -- D:\My Documents\halloween images.doc
[2010/10/21 12:56:17 | 000,033,280 | ---- | M] () -- D:\My Documents\AMELIA EARHART VOCABULARY.doc
[2010/10/21 10:18:09 | 000,037,376 | ---- | M] () -- D:\My Documents\Word Card8.doc
[2010/10/21 09:28:01 | 000,022,528 | ---- | M] () -- D:\My Documents\Homo habilis is known for.doc
[2010/10/21 07:26:52 | 000,038,912 | ---- | M] () -- D:\My Documents\8HISYP.doc
[2010/10/21 06:50:15 | 000,048,640 | ---- | M] () -- D:\My Documents\7ENGYP.doc
[2010/10/21 06:48:26 | 000,048,128 | ---- | M] () -- D:\My Documents\8ENGYP.doc
[2010/10/20 12:12:03 | 000,024,576 | ---- | M] () -- D:\My Documents\oct20thg7work.doc
[2010/10/19 13:45:07 | 000,024,064 | ---- | M] () -- D:\My Documents\Movies.doc
[2010/10/19 13:44:54 | 000,025,088 | ---- | M] () -- D:\My Documents\TOPIC.doc
[2010/10/15 14:34:34 | 000,091,201 | ---- | M] () -- D:\My Documents\dubai_11_cand.pdf
[2010/10/15 14:31:26 | 000,278,924 | ---- | M] () -- D:\My Documents\Dubai notice 2010.pdf
[2010/10/15 14:31:25 | 000,278,753 | ---- | M] () -- D:\My Documents\Doha notice 2010.pdf
[2010/10/15 14:31:17 | 000,246,523 | ---- | M] () -- D:\My Documents\Abu Dhabi notice 2010.pdf
[2010/10/15 13:49:57 | 000,207,360 | ---- | M] () -- D:\My Documents\kwanza4.ppt
[2010/10/15 13:20:15 | 000,025,088 | ---- | M] () -- D:\My Documents\Winners Circle.doc
[2010/10/15 13:01:09 | 000,480,256 | ---- | M] () -- D:\My Documents\kwanzaa6.ppt
[2010/10/14 13:44:03 | 000,055,808 | ---- | M] () -- D:\My Documents\reading levels.doc
[2010/10/14 08:27:09 | 000,095,860 | ---- | M] () -- D:\My Documents\Lexile Conversion Chart.pdf
[2010/10/13 15:17:27 | 001,070,822 | ---- | M] () -- D:\My Documents\CityMapReadingActivity02.pdf
[2010/10/13 15:17:25 | 000,923,316 | ---- | M] () -- D:\My Documents\CityMapReadingActivity01.pdf
[2010/10/13 15:16:57 | 000,029,371 | ---- | M] () -- D:\My Documents\mapsymbols.pdf
[2010/10/13 14:54:44 | 000,054,272 | ---- | M] () -- D:\My Documents\WORD.doc
[2010/10/12 10:12:24 | 000,024,064 | ---- | M] () -- D:\My Documents\library.doc
[2010/10/12 10:00:11 | 000,191,488 | ---- | M] () -- D:\My Documents\Study Carrel.doc
[2010/10/12 09:12:57 | 000,043,836 | ---- | M] () -- D:\My Documents\Rider_ss.pdf
[2010/10/12 09:12:45 | 000,014,540 | ---- | M] () -- D:\My Documents\showNetworkVerification.htm
[2010/10/12 09:12:26 | 000,073,366 | ---- | M] () -- D:\My Documents\license.ss_.pdf
[2010/10/12 09:10:43 | 000,016,814 | ---- | M] () -- D:\My Documents\showParticipationSSForm.htm
[2010/10/12 07:59:04 | 000,267,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/11 12:07:52 | 000,001,537 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MarkBook 2010.lnk
[2010/10/11 10:43:53 | 000,117,760 | ---- | M] () -- D:\My Documents\gingerpoetry.doc
[2010/10/11 10:16:52 | 000,024,064 | ---- | M] () -- D:\My Documents\The Flintstones.doc
[2010/10/07 13:51:44 | 000,024,576 | ---- | M] () -- D:\My Documents\WHAT ARE THE EFFECTS OF KIDS EATING AN UNHEALTHY LUNCH.doc
[2010/10/07 10:05:08 | 000,021,504 | ---- | M] () -- D:\My Documents\Questions from the movie.doc
[2010/10/07 09:45:58 | 000,025,600 | ---- | M] () -- D:\My Documents\Review True or False.doc
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/12 13:59:41 | 000,075,776 | ---- | C] () -- D:\My Documents\Countries of Africa.doc
[2010/11/06 12:24:54 | 000,026,624 | ---- | C] () -- D:\My Documents\dog.doc
[2010/11/06 11:58:47 | 000,040,448 | ---- | C] () -- D:\My Documents\outwardappearance.doc
[2010/11/06 11:26:53 | 000,148,838 | ---- | C] () -- D:\My Documents\LiteraryElements.pdf
[2010/11/06 09:01:36 | 000,030,720 | ---- | C] () -- D:\My Documents\practicetest.doc
[2010/11/05 16:31:38 | 000,040,448 | ---- | C] () -- D:\My Documents\Scrap.shs
[2010/11/04 14:32:50 | 002,526,720 | ---- | C] () -- D:\My Documents\movieposters.doc
[2010/11/04 12:31:27 | 000,156,329 | ---- | C] () -- D:\Personal\Desktop\JavaRa.zip
[2010/11/04 11:19:27 | 2111,098,880 | -HS- | C] () -- C:\hiberfil.sys
[2010/11/04 11:01:14 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\abc\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/11/04 10:25:26 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/04 10:11:54 | 000,748,544 | ---- | C] () -- D:\My Documents\Follow these instructions.doc
[2010/11/04 09:19:37 | 000,023,552 | ---- | C] () -- D:\My Documents\HALLOWEEN2010events.doc
[2010/11/04 09:12:36 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\abc\Application Data\start
[2010/11/04 09:02:45 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\abc\Application Data\completescan
[2010/11/04 08:59:43 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\abc\Application Data\install
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2010/11/04 08:58:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2010/11/04 08:58:20 | 000,522,240 | ---- | C] () -- C:\Documents and Settings\abc\Application Data\hotfix.exe
[2010/11/04 08:58:20 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\abc\Application Data\dkfjasdfshd.bat
[2010/11/03 12:54:55 | 000,020,480 | ---- | C] () -- D:\My Documents\INTRODUCTION TO GEOGRAPHY NOTES.doc
[2010/11/03 12:35:56 | 000,024,576 | ---- | C] () -- D:\My Documents\GEOGRAPHY.doc
[2010/11/03 09:57:19 | 000,025,600 | ---- | C] () -- D:\My Documents\Easter Island.doc
[2010/11/03 08:58:09 | 001,158,656 | ---- | C] () -- D:\My Documents\Conflict.ppt
[2010/11/03 08:56:33 | 000,029,696 | ---- | C] () -- D:\My Documents\Types of Conflict-quiz.doc
[2010/11/03 08:56:19 | 000,020,480 | ---- | C] () -- D:\My Documents\Internal or External Quiz.doc
[2010/11/03 08:54:42 | 000,390,656 | ---- | C] () -- D:\My Documents\littermsppt.ppt
[2010/11/03 08:47:55 | 001,350,144 | ---- | C] () -- D:\My Documents\EarlyHumans.ppt
[2010/11/03 08:05:03 | 000,081,920 | ---- | C] () -- D:\My Documents\africa.doc
[2010/11/02 15:25:19 | 000,024,064 | ---- | C] () -- D:\My Documents\vocabwallprint.doc
[2010/11/02 12:41:29 | 000,034,816 | ---- | C] () -- D:\My Documents\vocabtest8.doc
[2010/11/02 08:51:48 | 000,129,999 | ---- | C] () -- D:\My Documents\code_of_conduct.pdf
[2010/11/01 14:09:26 | 000,025,600 | ---- | C] () -- D:\My Documents\Vocabulary words.doc
[2010/11/01 08:59:38 | 000,025,600 | ---- | C] () -- D:\My Documents\Characterization exercises.doc
[2010/10/29 14:38:51 | 000,024,576 | ---- | C] () -- D:\My Documents\halloweenvan.doc
[2010/10/29 13:47:59 | 000,027,648 | ---- | C] () -- D:\My Documents\COPY.doc
[2010/10/29 12:45:08 | 000,024,576 | ---- | C] () -- D:\My Documents\testnov4th.doc
[2010/10/22 14:19:12 | 000,101,417 | ---- | C] () -- D:\My Documents\DeweyDetail.pdf
[2010/10/22 12:54:00 | 001,735,680 | ---- | C] () -- D:\My Documents\halloween images.doc
[2010/10/21 13:43:36 | 000,024,576 | ---- | C] () -- D:\My Documents\JOBS.doc
[2010/10/21 10:54:06 | 022,727,680 | ---- | C] () -- D:\My Documents\nonfiction pictures.doc
[2010/10/21 08:47:02 | 000,022,528 | ---- | C] () -- D:\My Documents\Homo habilis is known for.doc
[2010/10/21 06:54:59 | 000,038,912 | ---- | C] () -- D:\My Documents\8HISYP.doc
[2010/10/20 12:04:35 | 000,024,576 | ---- | C] () -- D:\My Documents\oct20thg7work.doc
[2010/10/19 13:45:07 | 000,024,064 | ---- | C] () -- D:\My Documents\Movies.doc
[2010/10/19 11:15:28 | 000,026,112 | ---- | C] () -- D:\My Documents\HALLOWEEN 2010.doc
[2010/10/18 12:54:41 | 000,025,088 | ---- | C] () -- D:\My Documents\TOPIC.doc
[2010/10/15 14:34:32 | 000,091,201 | ---- | C] () -- D:\My Documents\dubai_11_cand.pdf
[2010/10/15 14:31:25 | 000,278,753 | ---- | C] () -- D:\My Documents\Doha notice 2010.pdf
[2010/10/15 14:31:14 | 000,278,924 | ---- | C] () -- D:\My Documents\Dubai notice 2010.pdf
[2010/10/15 14:31:03 | 000,246,523 | ---- | C] () -- D:\My Documents\Abu Dhabi notice 2010.pdf
[2010/10/14 13:24:38 | 000,055,808 | ---- | C] () -- D:\My Documents\reading levels.doc
[2010/10/14 09:31:20 | 000,035,328 | ---- | C] () -- D:\My Documents\Stone Age materials.doc
[2010/10/14 08:27:06 | 000,095,860 | ---- | C] () -- D:\My Documents\Lexile Conversion Chart.pdf
[2010/10/13 15:17:27 | 001,070,822 | ---- | C] () -- D:\My Documents\CityMapReadingActivity02.pdf
[2010/10/13 15:17:24 | 000,923,316 | ---- | C] () -- D:\My Documents\CityMapReadingActivity01.pdf
[2010/10/13 15:16:57 | 000,029,371 | ---- | C] () -- D:\My Documents\mapsymbols.pdf
[2010/10/13 14:52:23 | 000,054,272 | ---- | C] () -- D:\My Documents\WORD.doc
[2010/10/12 09:12:57 | 000,043,836 | ---- | C] () -- D:\My Documents\Rider_ss.pdf
[2010/10/12 09:12:45 | 000,014,540 | ---- | C] () -- D:\My Documents\showNetworkVerification.htm
[2010/10/12 09:12:26 | 000,073,366 | ---- | C] () -- D:\My Documents\license.ss_.pdf
[2010/10/12 09:10:42 | 000,016,814 | ---- | C] () -- D:\My Documents\showParticipationSSForm.htm
[2010/10/12 08:26:05 | 000,024,064 | ---- | C] () -- D:\My Documents\library.doc
[2010/10/12 08:08:44 | 000,191,488 | ---- | C] () -- D:\My Documents\Study Carrel.doc
[2010/10/11 12:07:52 | 000,001,537 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MarkBook 2010.lnk
[2010/10/08 10:59:25 | 000,117,760 | ---- | C] () -- D:\My Documents\gingerpoetry.doc
[2010/10/07 13:51:44 | 000,024,576 | ---- | C] () -- D:\My Documents\WHAT ARE THE EFFECTS OF KIDS EATING AN UNHEALTHY LUNCH.doc
[2010/10/07 09:17:52 | 000,025,600 | ---- | C] () -- D:\My Documents\Review True or False.doc
[2010/05/24 08:09:29 | 000,000,050 | ---- | C] () -- C:\WINDOWS\rsbootbk.ini
[2010/05/07 14:41:50 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/03/26 10:21:24 | 000,000,066 | ---- | C] () -- C:\WINDOWS\XDICT.INI
[2009/03/26 09:47:13 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/03/26 09:33:33 | 000,000,092 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/03/25 03:34:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

========== Custom Scans ==========


< %systemroot%*. /mp /s >

< %systemroot%system32*.dll /lockedfiles >

< %systemroot%system32*.exe /lockedfiles >

< %systemroot%Tasks*.job /lockedfiles >

< %systemroot%system32drivers*.sys /lockedfiles >

< %systemroot%System32config*.sav >

< %systemroot%system32*.sys >

< %systemroot%system32drivers*.dll >

< %systemroot%system32drivers*.ini >

< %systemroot%system32drivers*.exe >

< %SYSTEMDRIVE%*.* >
[2009/03/25 11:46:09 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/03/25 11:38:54 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2009/03/25 11:46:09 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/11/04 11:49:10 | 2111,098,880 | -HS- | M] () -- C:\hiberfil.sys
[2009/03/25 11:46:09 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/03/25 11:46:09 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 04:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004/08/04 04:00:00 | 000,250,032 | RHS- | M] () -- C:\ntldr
[2010/11/04 11:49:09 | 536,870,912 | -HS- | M] () -- C:\pagefile.sys

< %PROGRAMFILES%*. >
[2009/03/26 09:36:29 | 000,000,000 | ---D | M] -- C:\Program Files\7-Zip
[2009/03/26 09:32:10 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/11/04 12:16:36 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009/03/25 11:42:27 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2009/03/26 09:55:15 | 000,000,000 | ---D | M] -- C:\Program Files\Flash Player 9.45
[2010/05/07 14:42:13 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/05/07 14:39:29 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2010/05/07 15:22:09 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/11/04 12:16:11 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/03/26 10:18:27 | 000,000,000 | ---D | M] -- C:\Program Files\Kingsoft
[2010/11/04 11:40:38 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/03/26 10:10:36 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2009/03/26 09:45:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2009/03/25 11:46:26 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2010/05/18 15:14:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2009/03/26 09:45:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2009/03/26 09:45:11 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2009/03/26 09:45:53 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/05/07 15:21:01 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/05/18 15:14:14 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2009/03/25 11:41:32 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2009/03/25 11:42:03 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2009/03/25 11:43:38 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2009/03/25 11:44:18 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/05/07 14:58:15 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2009/03/26 09:35:00 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2009/03/26 09:33:03 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2010/05/07 14:42:13 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2010/11/04 09:15:54 | 000,000,000 | ---D | M] -- C:\Program Files\Rising
[2009/03/25 11:51:22 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/03/26 09:36:54 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2009/03/26 10:03:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2009/03/25 11:41:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/03/25 11:44:22 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2009/03/25 11:46:26 | 000,000,000 | ---D | M] -- C:\Program Files\xerox

< %appdata%*.* >
[2010/11/04 11:22:36 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\abc\Application Data\completescan
[2009/03/25 03:34:31 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\abc\Application Data\desktop.ini
[2010/11/04 08:58:20 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\abc\Application Data\dkfjasdfshd.bat
[2010/11/04 08:58:20 | 000,522,240 | ---- | M] () -- C:\Documents and Settings\abc\Application Data\hotfix.exe
[2010/11/04 08:59:43 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\abc\Application Data\install
[2010/11/04 09:12:36 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\abc\Application Data\start


< MD5 for: AGP440.SYS >
[2004/08/04 04:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 04:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 04:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/04 04:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2004/08/04 04:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: EVENTLOG.DLL >
[2004/08/04 04:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/04 04:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2009/02/06 10:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$NtUninstallKB975467$\netlogon.dll
[2009/02/06 10:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2009/02/06 10:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\system32\netlogon.dll
[2008/05/05 03:08:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=DE62B644439B7F84EA748C086FC749F5 -- C:\WINDOWS\$NtUninstallKB968389$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 04:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/04 04:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USBSTOR.SYS >
[2004/08/04 04:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2004/08/03 22:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\system32\dllcache\usbstor.sys
[2004/08/03 22:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\system32\drivers\USBSTOR.SYS

< HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall|LastSuccessTime /rs >

< End of report >


OTL Extras logfile created on: 11/4/2010 12:31:36 PM - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = D:\Personal\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 83.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 512 1024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29.30 Gb Total Space | 22.25 Gb Free Space | 75.95% Space Free | Partition Type: NTFS
Drive D: | 75.02 Gb Total Space | 74.40 Gb Free Space | 99.18% Space Free | Partition Type: NTFS
Drive E: | 42.94 Gb Total Space | 42.89 Gb Free Space | 99.87% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: CFYY001751 | User Name: abc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\360\360safe\safemon\360tray.exe" = C:\Program Files\360\360safe\safemon\360tray.exe:*:Enabled:360???????? -- File not found
"C:\Program Files\360\360safe\LiveUpdate360.exe" = C:\Program Files\360\360safe\LiveUpdate360.exe:*:Enabled:LiveUpdate360 -- File not found
"C:\Program Files\Rising\Rav\RavMonD.exe" = C:\Program Files\Rising\Rav\RavMonD.exe:*:Enabled:Rav Service -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B69DA57-BC7D-461D-B7D6-2AA9F08869CD}" = QuickTime
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{754DFFFD-91E2-4983-AB99-7A4D85AA7921}" = MarkBook 2010
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{988EA0EA-E702-4106-8953-BF9E13DF0AED}" = Powerword 2003
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"7-Zip" = 7-Zip 4.57
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"InstallShield_{0B69DA57-BC7D-461D-B7D6-2AA9F08869CD}" = QuickTime
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"RealPlayer 6.0" = RealPlayer
"VLC media player" = VideoLAN VLC media player 0.8.6d

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/7/2010 11:29:43 AM | Computer Name = CFYY001751 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting
module mshtml.dll, version 6.0.2900.3676, fault address 0x0007242e.

Error - 10/8/2010 6:41:01 PM | Computer Name = CFYY001751 | Source = Application Hang | ID = 1002
Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/11/2010 5:03:02 PM | Computer Name = CFYY001751 | Source = Application Hang | ID = 1002
Description = Hanging application MkBk2010.exe, version 10.0.0.192, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/13/2010 7:18:34 PM | Computer Name = CFYY001751 | Source = Application Hang | ID = 1002
Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/14/2010 4:05:12 PM | Computer Name = CFYY001751 | Source = Application Hang | ID = 1002
Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/14/2010 4:09:07 PM | Computer Name = CFYY001751 | Source = Application Hang | ID = 1002
Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/14/2010 4:30:49 PM | Computer Name = CFYY001751 | Source = Application Hang | ID = 1002
Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/14/2010 6:34:53 PM | Computer Name = CFYY001751 | Source = Application Error | ID = 1000
Description = Faulting application msimn.exe, version 6.0.2900.2180, faulting module
msoe.dll, version 6.0.2900.3598, fault address 0x00056a27.

Error - 10/15/2010 6:33:50 PM | Computer Name = CFYY001751 | Source = Application Hang | ID = 1002
Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/6/2010 3:27:06 PM | Computer Name = CFYY001751 | Source = Application Hang | ID = 1002
Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 9/23/2010 11:47:34 AM | Computer Name = CFYY001751 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 60 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 9/23/2010 11:47:34 AM | Computer Name = CFYY001751 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 59 minutes. NtpClient has no source of accurate
time.

Error - 9/23/2010 12:47:34 PM | Computer Name = CFYY001751 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 120 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 9/23/2010 12:47:34 PM | Computer Name = CFYY001751 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 119 minutes. NtpClient has no source of accurate
time.

Error - 9/23/2010 2:47:34 PM | Computer Name = CFYY001751 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 240 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 9/23/2010 2:47:34 PM | Computer Name = CFYY001751 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 239 minutes. NtpClient has no source of accurate
time.

Error - 9/23/2010 6:47:34 PM | Computer Name = CFYY001751 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 480 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 9/23/2010 6:47:34 PM | Computer Name = CFYY001751 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 479 minutes. NtpClient has no source of accurate
time.

Error - 9/24/2010 2:47:35 AM | Computer Name = CFYY001751 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 960 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 9/24/2010 2:47:35 AM | Computer Name = CFYY001751 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 959 minutes. NtpClient has no source of accurate
time.


< End of report >

descriptionthink point virus EmptyRe: think point virus4th November 2010, 4:36 pm

more_horiz
Hi,

Welcome to GeekPolice.net!

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 172.*.*;
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 172.19.0.8:6000
    O20 - HKCU Winlogon: Shell - (C:\Documents and Settings\abc\Application Data\hotfix.exe) - C:\Documents and Settings\abc\Application Data\hotfix.exe ()

    :Files
    C:\WINDOWS\tasks\At*.job


    :commands
    [emptytemp]
    [resethosts]


  • Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

=================

Please download ComboFix think point virus Combofix from BleepingComputer.com

Alternate link: GeeksToGo.com

Alternate link: Forospyware.com

Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  • Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console

think point virus Query_RC
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
think point virus RC_successful

  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum