WiredWX Christian Hobby Weather Tools
Would you like to react to this message? Create an account in a few clicks or log in to continue.

WiredWX Christian Hobby Weather ToolsLog in

 


XP "Windows Explorer has experienced a problem and needs to close" popup

2 posters

descriptionXP "Windows Explorer has experienced a problem and needs to close" popup EmptyXP "Windows Explorer has experienced a problem and needs to close" popup6th November 2010, 3:12 pm

more_horiz
I have multiple XP Pro computers exhibiting the same basic behaviour. I believe it is caused by virus infection
which is why I am posting here. When opening My Computer, My Networks, Control Panel, and other functions
using Windows Explorer, I get the popup claiming Windows Explorer has experienced a problem and needs to
close. Selecting either the report or do not report buttons results in everything being cleared except the
wallpaper and then the desktop reappears. There is really nothing wrong since most everything works if you
ignore the popup. I have tried malware removal and running sfc, but it only helped in one case. It would
appear that explorer.exe in the Windows folder is contaminated since the popup appears even when starting
explorer from a command prompt. I don't think it really has anything to do with My Computer, etc. I have
also noted other problems like the c drive will not open in My Computer with a double left click. It will still open with a right click Explore. Also, it is impossible to enable viewing hidden files, even from the
Administrator account. Any ideas on how to resolve this other than wiping the drive and reloading the OS?

descriptionXP "Windows Explorer has experienced a problem and needs to close" popup EmptyRe: XP "Windows Explorer has experienced a problem and needs to close" popup6th November 2010, 3:16 pm

more_horiz
Hi,

Welcome to GeekPolice.net!

Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below).
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.sys
    %systemroot%\system32\drivers\*.dll
    %systemroot%\system32\drivers\*.ini
    %systemroot%\system32\drivers\*.exe
    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.
    %appdata%\*.*
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    disk.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    usbstor.sys
    /md5stop
    CREATERESTOREPOINT
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time


Note: in the event that OTL fails to run, please use alternate download links to try again:

http://oldtimer.geekstogo.com/OTL.com
http://oldtimer.geekstogo.com/OTL.scr

............................................................................................

I'm livin' life in the fast lane.

descriptionXP "Windows Explorer has experienced a problem and needs to close" popup EmptyRe: XP "Windows Explorer has experienced a problem and needs to close" popup6th November 2010, 5:51 pm

more_horiz
OTL logfile created on: 11/6/2010 1:02:17 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Ryan Martin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

894.00 Mb Total Physical Memory | 319.00 Mb Available Physical Memory | 36.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 49.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.46 Gb Total Space | 63.28 Gb Free Space | 84.99% Space Free | Partition Type: NTFS

Computer Name: RYAN-WLJ4QDZ4XH | User Name: Ryan Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/06 12:59:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ryan Martin\Desktop\OTL.exe
PRC - [2010/10/29 18:05:28 | 000,328,568 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2010/10/27 09:18:41 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/09/10 23:41:42 | 001,901,056 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010/09/10 23:41:20 | 002,500,552 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2010/08/11 19:46:28 | 000,769,328 | ---- | M] (Pinball Corporation.) -- C:\Program Files\HBLite\bin\11.0.264.0\HBLiteSA.exe
PRC - [2010/03/24 16:26:02 | 000,243,544 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe
PRC - [2010/01/14 21:05:26 | 000,242,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/13 20:12:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dwwin.exe
PRC - [2007/05/10 10:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\stacsv.exe
PRC - [2007/05/10 10:22:32 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe


========== Modules (SafeList) ==========

MOD - [2010/11/06 12:59:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ryan Martin\Desktop\OTL.exe
MOD - [2010/09/10 23:41:40 | 000,285,480 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/10/26 18:16:08 | 000,057,624 | ---- | M] () [Auto | Stopped] -- C:\Documents and Settings\All Users\Application Data\QueryExplorer\queryexplorer117.exe -- (QueryExplorer Service)
SRV - [2010/09/10 23:41:42 | 001,901,056 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010/01/14 21:05:26 | 000,242,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2007/05/10 10:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\stacsv.exe -- (STacSV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - [2010/09/10 23:40:52 | 000,239,240 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2010/09/10 23:40:48 | 000,015,592 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmderd.sys -- (cmderd)
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/05/10 10:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/03/16 18:10:56 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/03/02 16:53:20 | 001,972,224 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/11/21 04:25:44 | 000,045,568 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/15 00:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/12/01 01:40:56 | 000,936,960 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2005/12/01 01:40:12 | 000,192,512 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2005/12/01 01:40:08 | 000,669,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsf)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15462&l=dis
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKCU\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTog1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {58beca16-cae6-4b7a-a0e8-153d0cbba63a} - C:\Program Files\Utubebario\tbUtub.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\Firefox [2010/10/27 09:24:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/10/27 09:24:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\ShopperReports@ShopperReports.com: C:\Program Files\ShopperReports3\bin\3.0.497.0\firefox\firefoxtoolbar\extensions [2010/10/27 12:10:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\HBLite@HBLite.com: C:\Program Files\HBLite\bin\11.0.264.0\firefox\extensions [2010/10/27 12:11:01 | 000,000,000 | ---D | M]

[2010/10/27 12:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan Martin\Application Data\Mozilla\Extensions
[2010/10/27 12:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan Martin\Application Data\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2001/08/23 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTog1.dll (Conduit Ltd.)
O2 - BHO: (ShopperReports) - {100EB1FD-D03E-47fd-81F3-EE91287F9465} - C:\Program Files\ShopperReports3\bin\3.0.497.0\ShopperReports.dll (SmartShopper Inc.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Utubebario Toolbar) - {58beca16-cae6-4b7a-a0e8-153d0cbba63a} - C:\Program Files\Utubebario\tbUtub.dll (Conduit Ltd.)
O2 - BHO: (IEHlprObj Class) - {5DA743EA-6725-4ADE-BF17-C328743011FD} - C:\WINDOWS\system32\kingie0.dll ()
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTog1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Utubebario Toolbar) - {58beca16-cae6-4b7a-a0e8-153d0cbba63a} - C:\Program Files\Utubebario\tbUtub.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (ToggleEN Toolbar) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - C:\Program Files\ToggleEN\tbTog1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Utubebario Toolbar) - {58BECA16-CAE6-4B7A-A0E8-153D0CBBA63A} - C:\Program Files\Utubebario\tbUtub.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Bing Bar] C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [HBLiteSA] C:\Program Files\HBLite\bin\11.0.264.0\HBLiteSA.exe (Pinball Corporation.)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKCU..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShopperReports3\bin\3.0.497.0\ShopperReports.dll (SmartShopper Inc.)
O9 - Extra Button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShopperReports3\bin\3.0.497.0\ShopperReports.dll (SmartShopper Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (regsvr.exe) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Ryan Martin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ryan Martin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/01 18:51:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/11/04 21:45:17 | 000,000,061 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{9253cc04-9807-11df-bc5b-0015c5c93b74}\Shell\AutoRun\command - "" = F:\c6x.exe -- File not found
O33 - MountPoints2\{9253cc04-9807-11df-bc5b-0015c5c93b74}\Shell\open\Command - "" = F:\c6x.exe -- File not found
O33 - MountPoints2\{eb6de007-8568-11df-bc45-ab5f36ba3c35}\Shell\AutoRun\command - "" = E:\0r.exe -- File not found
O33 - MountPoints2\{eb6de007-8568-11df-bc45-ab5f36ba3c35}\Shell\open\Command - "" = E:\0r.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe - File not found
MsConfig - StartUpReg: king_hg - hkey= - key= - File not found
MsConfig - StartUpReg: Msn Messsenger - hkey= - key= - File not found
MsConfig - StartUpReg: rissos - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17746534284132352)

========== Files/Folders - Created Within 30 Days ==========

[2010/11/06 13:00:46 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ryan Martin\Desktop\OTL.exe
[2010/11/06 12:50:10 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010/11/06 12:50:10 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010/11/06 12:50:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/11/04 22:01:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Local Settings\Application Data\PCHealth
[2010/11/04 21:57:12 | 000,000,000 | -H-D | C] -- C:\VritualRoot
[2010/11/04 21:44:00 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2010/11/04 21:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Comodo
[2010/11/04 16:19:13 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010/11/01 11:49:42 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/11/01 11:49:42 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010/11/01 11:49:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/11/01 11:49:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/11/01 11:48:48 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/11/01 11:48:48 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/11/01 11:48:48 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/11/01 11:48:48 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/10/29 18:08:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\My Documents\Downloads
[2010/10/29 18:07:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Application Data\AskToolbar
[2010/10/29 18:07:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Local Settings\Application Data\AskToolbar
[2010/10/29 18:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2010/10/29 18:05:28 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/10/29 18:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Application Data\uTorrent
[2010/10/27 12:22:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Desktop\Instruments
[2010/10/27 12:14:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\My Documents\LimeWire
[2010/10/27 12:13:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Application Data\Mozilla
[2010/10/27 12:13:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Application Data\LimeWire
[2010/10/27 12:12:37 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/10/27 12:12:16 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/10/27 12:11:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Application Data\Sun
[2010/10/27 12:11:53 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010/10/27 12:11:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\QueryExplorer
[2010/10/27 12:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\Blinkx
[2010/10/27 12:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HBLiteSA
[2010/10/27 12:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[2010/10/27 12:11:01 | 000,000,000 | ---D | C] -- C:\Program Files\HBLite
[2010/10/27 12:11:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Application Data\HBLite
[2010/10/27 12:10:55 | 000,000,000 | ---D | C] -- C:\Program Files\ShopperReports3
[2010/10/27 12:10:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Application Data\ShopperReports3
[2010/10/27 12:05:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Local Settings\Application Data\ToggleEN
[2010/10/27 12:05:32 | 000,000,000 | ---D | C] -- C:\Program Files\ToggleEN
[2010/10/27 12:05:10 | 000,000,000 | ---D | C] -- C:\Program Files\Snood 4
[2010/10/27 09:24:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/10/27 09:24:32 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
[2010/10/27 09:24:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/10/27 09:23:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Application Data\Google
[2010/10/27 09:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/10/27 09:22:44 | 000,000,000 | ---D | C] -- C:\Program Files\ASIO4ALL v2
[2010/10/27 09:22:39 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer
[2010/10/27 09:22:30 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\rewire.dll
[2010/10/27 09:22:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Local Settings\Application Data\OpenCandy
[2010/10/27 09:22:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Application Data\OpenCandy
[2010/10/27 09:22:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\My Documents\Image-Line
[2010/10/27 09:21:57 | 001,554,944 | ---- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- C:\WINDOWS\System32\vorbis.acm
[2010/10/27 09:21:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Application Data\Adobe
[2010/10/27 09:20:53 | 000,000,000 | ---D | C] -- C:\Program Files\VstPlugins
[2010/10/27 09:20:48 | 000,000,000 | ---D | C] -- C:\Program Files\Outsim
[2010/10/27 09:20:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/10/27 09:19:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/10/27 09:18:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Local Settings\Application Data\Google
[2010/10/27 09:18:08 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/10/27 09:18:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/10/27 09:17:03 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line
[2010/10/27 09:15:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Application Data\Macromedia
[2010/10/27 09:09:46 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/10/27 09:09:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Local Settings\Application Data\Conduit
[2010/10/27 09:09:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Local Settings\Application Data\Utubebario
[2010/10/27 09:09:38 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine
[2010/10/27 09:09:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Local Settings\Application Data\ConduitEngine
[2010/10/27 09:09:36 | 000,000,000 | ---D | C] -- C:\Program Files\Utubebario
[2010/10/27 09:09:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan Martin\Local Settings\Application Data\Temp
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/06 13:01:02 | 000,000,246 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/11/06 12:59:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ryan Martin\Desktop\OTL.exe
[2010/11/06 12:57:47 | 000,109,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2010/11/06 12:53:49 | 000,432,924 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/06 12:53:49 | 000,067,714 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/06 12:48:24 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/06 12:48:23 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/06 12:48:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/05 00:29:00 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/04 23:48:48 | 000,000,223 | -HS- | M] () -- C:\boot.ini
[2010/11/04 21:57:23 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/11/04 21:45:17 | 000,000,061 | RHS- | M] () -- C:\autorun.inf
[2010/11/04 21:44:13 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\COMODO Antivirus.lnk
[2010/11/04 21:42:36 | 000,095,744 | RHS- | M] () -- C:\WINDOWS\System32\hgking1.dll
[2010/11/04 21:31:54 | 000,108,544 | RHS- | M] () -- C:\WINDOWS\System32\risabc0.dll
[2010/11/01 12:14:22 | 000,192,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/11/01 12:05:22 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/11/01 11:55:25 | 000,000,215 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2010/10/29 19:13:37 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\Ryan Martin\Desktop\Google Chrome.lnk
[2010/10/29 19:13:37 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\Ryan Martin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/29 18:05:28 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\Ryan Martin\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/10/29 18:05:28 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2010/10/29 17:58:00 | 000,108,544 | RHS- | M] () -- C:\WINDOWS\System32\risabc1.dll
[2010/10/27 09:22:44 | 000,000,813 | ---- | M] () -- C:\Documents and Settings\Ryan Martin\Desktop\ASIO4ALL v2 Instruction Manual.lnk
[2010/10/27 09:06:50 | 000,000,000 | RHS- | M] () -- C:\WINDOWS\System32\setting.ini
[2010/10/25 12:28:06 | 000,000,428 | ---- | M] () -- C:\Documents and Settings\Ryan Martin\My Documents\spider.sav
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/04 21:56:44 | 000,109,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2010/11/04 21:44:13 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\COMODO Antivirus.lnk
[2010/11/04 21:42:36 | 000,095,744 | RHS- | C] () -- C:\WINDOWS\System32\hgking1.dll
[2010/11/01 12:15:21 | 000,000,061 | RHS- | C] () -- C:\autorun.inf
[2010/10/29 19:13:37 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\Ryan Martin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/29 19:13:29 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\Ryan Martin\Desktop\Google Chrome.lnk
[2010/10/29 18:05:41 | 000,000,246 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/10/29 18:05:28 | 000,000,648 | ---- | C] () -- C:\Documents and Settings\Ryan Martin\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/10/29 18:05:28 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2010/10/29 17:58:00 | 000,108,544 | RHS- | C] () -- C:\WINDOWS\System32\risabc1.dll
[2010/10/27 12:05:10 | 018,228,736 | ---- | C] () -- C:\Documents and Settings\Ryan Martin\Desktop\Snood.exe
[2010/10/27 09:22:44 | 000,000,813 | ---- | C] () -- C:\Documents and Settings\Ryan Martin\Desktop\ASIO4ALL v2 Instruction Manual.lnk
[2010/10/27 09:18:58 | 000,000,896 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/27 09:18:56 | 000,000,892 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/27 09:07:04 | 000,108,544 | RHS- | C] () -- C:\WINDOWS\System32\risabc0.dll
[2010/10/27 09:06:49 | 000,000,000 | RHS- | C] () -- C:\WINDOWS\System32\setting.ini
[2010/10/25 12:28:06 | 000,000,428 | ---- | C] () -- C:\Documents and Settings\Ryan Martin\My Documents\spider.sav
[2010/07/25 22:12:20 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Ryan Martin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/24 16:57:31 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/07/01 22:22:41 | 000,000,215 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/07/01 19:57:08 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2010/07/01 19:57:07 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2010/07/01 14:40:49 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/23 08:00:00 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\kingie0.dll

========== Custom Scans ==========


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2007/03/02 16:54:36 | 000,307,200 | ---- | M] (ATI Technologies Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010/07/01 14:38:49 | 000,090,112 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/07/01 14:38:49 | 000,630,784 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/07/01 14:38:49 | 000,413,696 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.sys >
[2001/08/23 08:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2001/08/23 08:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2001/08/23 08:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2001/08/23 08:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2004/08/03 22:46:56 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2001/08/23 08:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2001/08/23 08:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2001/08/23 08:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2001/08/23 08:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2001/08/23 08:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2004/08/03 22:45:10 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2004/08/03 22:45:16 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2004/08/03 22:45:12 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2004/08/03 22:45:16 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2004/08/03 22:45:14 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2008/04/13 14:44:59 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2010/08/31 09:42:52 | 001,852,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.dll >
[2008/04/13 20:11:48 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008/04/13 20:11:48 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008/04/13 20:11:48 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008/04/13 20:11:48 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008/04/13 20:11:48 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008/04/13 20:11:48 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008/04/13 20:11:48 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2007/03/02 16:15:10 | 000,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2erec.dll
[2008/04/13 20:11:50 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008/04/13 20:11:50 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008/04/13 20:11:50 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008/04/13 20:11:50 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008/04/13 20:11:50 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008/04/13 20:11:50 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2008/04/13 20:12:05 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2008/04/13 20:12:08 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %SYSTEMDRIVE%\*.* >
[2010/07/01 18:51:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/11/04 21:45:17 | 000,000,061 | RHS- | M] () -- C:\autorun.inf
[2010/11/04 23:48:48 | 000,000,223 | -HS- | M] () -- C:\boot.ini
[2010/07/01 18:51:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/07/01 18:51:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/07/01 18:51:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/07/01 19:09:24 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010/07/02 19:28:57 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/11/06 12:48:03 | 704,643,072 | -HS- | M] () -- C:\pagefile.sys

< %PROGRAMFILES%\*. >
[2010/07/01 20:26:04 | 000,000,000 | ---D | M] -- C:\Program Files\AMD
[2010/10/27 09:22:44 | 000,000,000 | ---D | M] -- C:\Program Files\ASIO4ALL v2
[2010/10/29 18:05:44 | 000,000,000 | ---D | M] -- C:\Program Files\Ask.com
[2010/07/01 21:02:17 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies
[2010/10/27 09:24:45 | 000,000,000 | ---D | M] -- C:\Program Files\Bing Bar Installer
[2010/10/27 12:11:07 | 000,000,000 | ---D | M] -- C:\Program Files\Blinkx
[2010/07/01 19:55:31 | 000,000,000 | ---D | M] -- C:\Program Files\Broadcom
[2010/11/01 11:49:01 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/11/04 21:44:00 | 000,000,000 | ---D | M] -- C:\Program Files\COMODO
[2010/07/01 18:48:02 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2010/10/27 09:09:46 | 000,000,000 | ---D | M] -- C:\Program Files\Conduit
[2010/10/27 09:09:38 | 000,000,000 | ---D | M] -- C:\Program Files\ConduitEngine
[2010/07/01 21:31:01 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2010/07/01 19:57:07 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2010/07/01 20:35:19 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2010/10/29 19:13:29 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/10/27 12:11:01 | 000,000,000 | ---D | M] -- C:\Program Files\HBLite
[2010/07/01 21:32:52 | 000,000,000 | ---D | M] -- C:\Program Files\IDT
[2010/10/29 12:19:04 | 000,000,000 | ---D | M] -- C:\Program Files\Image-Line
[2010/07/01 22:05:26 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/11/01 11:59:32 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/11/01 11:48:45 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/10/29 12:04:28 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2010/07/02 20:28:59 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2010/10/27 09:24:35 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2010/07/24 16:56:12 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2010/07/01 18:51:37 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2010/07/24 16:55:50 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2010/10/27 09:24:20 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/07/24 16:53:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/11/01 11:52:43 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/07/02 18:52:06 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010/07/01 18:47:49 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2010/07/01 18:47:32 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2010/10/27 09:24:32 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Toolbar
[2010/07/02 18:47:32 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2010/07/02 19:31:09 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2010/07/01 18:50:09 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/07/02 19:45:21 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2010/10/27 09:20:48 | 000,000,000 | ---D | M] -- C:\Program Files\Outsim
[2010/07/02 18:51:57 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010/10/27 12:10:55 | 000,000,000 | ---D | M] -- C:\Program Files\ShopperReports3
[2010/07/01 22:05:26 | 000,000,000 | ---D | M] -- C:\Program Files\SigmaTel
[2010/10/29 17:59:45 | 000,000,000 | ---D | M] -- C:\Program Files\Snood 4
[2010/10/27 12:08:33 | 000,000,000 | ---D | M] -- C:\Program Files\ToggleEN
[2010/07/01 18:57:45 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/10/29 18:05:28 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2010/10/27 09:09:46 | 000,000,000 | ---D | M] -- C:\Program Files\Utubebario
[2010/10/29 19:15:36 | 000,000,000 | ---D | M] -- C:\Program Files\VstPlugins
[2010/07/25 22:12:35 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2010/07/02 19:31:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2010/07/01 20:00:42 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2010/07/01 18:51:37 | 000,000,000 | ---D | M] -- C:\Program Files\xerox

< %appdata%\*.* >
[2010/07/01 14:40:22 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Ryan Martin\Application Data\desktop.ini


< MD5 for: AGP440.SYS >
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010/07/02 19:24:48 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2010/07/02 19:24:48 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010/07/02 19:24:48 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2010/07/02 19:24:48 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2010/07/02 19:24:48 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:disk.sys
[2010/07/02 19:24:48 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/03 22:59:56 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 00:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/04 00:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 00:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USBSTOR.SYS >
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2010/07/02 19:24:48 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:usbstor.sys
[2010/07/02 19:24:48 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbstor.sys
[2004/08/03 23:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\$NtServicePackUninstall$\usbstor.sys
[2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
[2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-11-01 16:05:33

< End of report >

descriptionXP "Windows Explorer has experienced a problem and needs to close" popup EmptyRe: XP "Windows Explorer has experienced a problem and needs to close" popup6th November 2010, 5:54 pm

more_horiz
Could not send both due to size


OTL Extras logfile created on: 11/6/2010 1:02:17 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Ryan Martin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

894.00 Mb Total Physical Memory | 319.00 Mb Available Physical Memory | 36.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 49.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.46 Gb Total Space | 63.28 Gb Free Space | 84.99% Space Free | Partition Type: NTFS

Computer Name: RYAN-WLJ4QDZ4XH | User Name: Ryan Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0CCF6926-479F-FE86-FE27-9C944A8D242C}" = Catalyst Control Center Localization German
"{0FADBFEF-FC83-CC42-4951-E3D9FCFBB84F}" = Catalyst Control Center Graphics Full New
"{14359DB5-5F07-6773-3E17-C7388229CCFC}" = CCC Help English
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 22
"{2FA1A75E-AE60-FA59-D036-366D7F00B567}" = CCC Help French
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EE78BB8-5538-1186-8EA8-F12BD40185F9}" = Catalyst Control Center Graphics Full Existing
"{5E4B86E5-CD0E-4D3D-BE21-45A30326850A}" = Microsoft Search Enhancement Pack
"{611131AF-3475-B625-A987-9FBEA8584D39}" = Catalyst Control Center Localization Italian
"{612B9183-67A9-4B44-9877-2F059E35B86A}" = Broadcom 440x 10/100 Integrated Controller
"{6CCA5CB8-3332-D10A-96C4-B114C1D04704}" = Catalyst Control Center Graphics Light
"{6E0A0C2C-7D63-9786-6519-C94C9EC22599}" = Catalyst Control Center Localization Japanese
"{82E86238-89F5-758D-4B10-44229F980D2D}" = ccc-utility
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CF86054-49F7-D6E0-078A-CF7E2C03F487}" = Catalyst Control Center Localization Spanish
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{921F7EF3-D850-9CB6-2811-180F7AC1358B}" = Catalyst Control Center Localization Chinese Standard
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AFEB71C8-5A1F-4D3B-FD57-5E08166FE2EE}" = Skins
"{B48DBEEB-9EEF-9F27-E1D8-339340FC7178}" = Catalyst Control Center Localization Korean
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{B9F49E54-FEF1-1940-CA96-73DADDFEF2A2}" = CCC Help Chinese Standard
"{BAFCD194-FBC5-EA66-02E3-A44EBFAB7E27}" = CCC Help Italian
"{C084FA87-793F-9590-C96B-9DE325C5FA6E}" = CCC Help Korean
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C29B157B-96F6-AEBC-B2A4-001ABB08B1D1}" = CCC Help Portuguese
"{C346B1F7-277F-8C0E-8961-56E6D543AA54}" = CCC Help Japanese
"{C4E60A38-F0C1-AD6B-E130-CE214C98BD4B}" = CCC Help Spanish
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D08C5590-7875-0E44-65EE-EE1D9C4A6FB1}" = CCC Help German
"{D5CF17D4-A616-0853-4EE8-50852BE6CA01}" = ccc-core-static
"{DE8AC8C4-D7D2-D6A7-B28B-9043DD65AA09}" = Catalyst Control Center Localization Chinese Traditional
"{E21DA178-9FB0-4F91-B79C-5A6DDEEBFB8D}" = Bing Bar Platform
"{F4CF6586-4426-793B-1E7E-5871A85EDE78}" = Catalyst Control Center Core Implementation
"{F868ADD5-65FC-97FB-D083-096292FA6E2F}" = CCC Help Chinese Traditional
"{F88F9DF7-042F-80D3-8883-19A8BF2A9DC7}" = Catalyst Control Center Localization French
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"{FE055AD6-C23A-B1B8-C0E6-A45C177E2E03}" = Catalyst Control Center Localization Portuguese
"4569969E1360D2854474C661EF9B4D54F143EB16" = Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"All ATI Software" = ATI - Software Uninstall Utility
"ASIO4ALL" = ASIO4ALL
"ATI Display Driver" = ATI Display Driver
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"Collab" = Collab
"conduitEngine" = Conduit Engine
"Drumaxx" = Drumaxx
"Google Chrome" = Google Chrome
"Hardcore" = Hardcore
"HBLiteSA" = Hotbar
"ie8" = Windows Internet Explorer 8
"IL Download Manager" = IL Download Manager
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"PoiZone" = PoiZone
"Sakura" = Sakura
"Sawer" = Sawer
"ShopperReportsSA" = ShopperReports
"ToggleEN Toolbar" = ToggleEN Toolbar
"Toxic Biohazard" = Toxic Biohazard
"uTorrent" = µTorrent
"Utubebario Toolbar" = Utubebario Toolbar
"WIC" = Windows Imaging Component
"Windows XP Service Pack" = Windows XP Service Pack 3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"blinkx beat" = blinkx beat

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/4/2010 5:11:20 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x029bbc2f.

Error - 11/4/2010 5:12:15 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x02acbc2f.

Error - 11/4/2010 9:01:41 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module bcmwlcpl.cpl, version 4.100.15.8, fault address 0x0001bc2f.

Error - 11/4/2010 9:20:10 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 ccc.exe, P2 2.0.0.0, P3 451d264f, P4 cli.component.runtime,
P5 2.0.2621.41942, P6 45ee3cfc, P7 ca, P8 6, P9 system.nullreferenceexception,
P10 NIL.

Error - 11/4/2010 9:20:24 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 ccc.exe, P2 2.0.0.0, P3 451d264f, P4 mscorlib,
P5 2.0.0.0, P6 4be90358, P7 41bb, P8 27, P9 system.runtime.remoting.remoting, P10
NIL.

Error - 11/4/2010 11:33:00 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module preflib.dll, version 0.0.0.0, fault address 0x0000bc2f.

Error - 11/4/2010 11:38:13 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x025bbc2f.

Error - 11/5/2010 12:14:31 AM | Computer Name = RYAN-WLJ4QDZ4XH | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x0257bc2f.

Error - 11/6/2010 12:49:51 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x026bbc2f.

Error - 11/6/2010 12:52:07 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x0256bc2f.

[ System Events ]
Error - 9/21/2010 6:27:43 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Schedule service.

Error - 9/23/2010 2:09:52 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 9/27/2010 12:38:58 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 10/24/2010 7:00:14 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 10/24/2010 7:15:00 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 10/24/2010 7:15:00 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 10/24/2010 7:15:00 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 10/24/2010 7:15:00 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 10/24/2010 7:15:02 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 10/24/2010 7:15:02 PM | Computer Name = RYAN-WLJ4QDZ4XH | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.


< End of report >

descriptionXP "Windows Explorer has experienced a problem and needs to close" popup EmptyRe: XP "Windows Explorer has experienced a problem and needs to close" popup6th November 2010, 11:33 pm

more_horiz
Hi,

Please download ComboFix XP "Windows Explorer has experienced a problem and needs to close" popup Combofix from BleepingComputer.com

Alternate link: GeeksToGo.com

Alternate link: Forospyware.com

Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  • Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console

XP "Windows Explorer has experienced a problem and needs to close" popup Query_RC
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
XP "Windows Explorer has experienced a problem and needs to close" popup RC_successful

  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

............................................................................................

I'm livin' life in the fast lane.

descriptionXP "Windows Explorer has experienced a problem and needs to close" popup EmptyRe: XP "Windows Explorer has experienced a problem and needs to close" popup7th November 2010, 12:46 am

more_horiz
Thanks for your help. The laptop I was working with as an example
has lapsed into a coma. I think the only thing left is a reinstall.

descriptionXP "Windows Explorer has experienced a problem and needs to close" popup EmptyRe: XP "Windows Explorer has experienced a problem and needs to close" popup7th November 2010, 5:24 pm

more_horiz
Hi,

That sucks.

Do you need any assistance carrying out a re-install?

............................................................................................

I'm livin' life in the fast lane.

descriptionXP "Windows Explorer has experienced a problem and needs to close" popup EmptyRe: XP "Windows Explorer has experienced a problem and needs to close" popup7th November 2010, 10:20 pm

more_horiz
No. I have everything I need. The person that owns this laptop visits
a lot of web places that probably are risky, so he needs a good virus
protection product to prevent as much of this bad stuff from getting
on his computer. Do you have a recommendation for a product that does
not overload the cpu too much? He does not have much money so he
needs something decent that will not break the bank. Thanks again for
your help. By the way, what outcome were you expecting from ComboFix?
I take it the dump from OTL did not provide much enlightenment.

descriptionXP "Windows Explorer has experienced a problem and needs to close" popup EmptyRe: XP "Windows Explorer has experienced a problem and needs to close" popup7th November 2010, 11:00 pm

more_horiz
Hi,

Glad you have what you need.

I would recommend either Avast, Avira, or Microsoft Security Essentials as a free anti-virus.

OTL gave me much information, but there wasn't really enough to make a fix for ComboFix would have got all I saw in the OTL log + more.

............................................................................................

I'm livin' life in the fast lane.

descriptionXP "Windows Explorer has experienced a problem and needs to close" popup EmptyRe: XP "Windows Explorer has experienced a problem and needs to close" popup

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum