Hello...I hope this isn't a duplicate, because I went to preview the first e-mail and completely lost the post.
Anyway, it all started when I had to get a new network card and drivers (installed at the computer store here) and a new router (router from my internet provider) and installation program online.
At that time, I was unable to bring up gamehouse.com on a web page. It always says it couldn't locate the page.
Also, if I played a game or if I went to a few sites, I would have to reboot my computer.
I then went to Stopzilla and did a scan. It found 178 problem files. In that scan it had the trojans listed in the subject line. The files are quarantined, but to remove the files I would have to purchase their program (which I am unable to do at this time).
I hope you are able to help me. Thanking you in advance!
OTL Extras logfile created on: 8/21/2011 4:32:10 AM - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
509.98 Mb Total Physical Memory | 203.10 Mb Available Physical Memory | 39.82% Memory free
1.73 Gb Paging File | 0.66 Gb Available in Paging File | 38.14% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 98.74 Gb Free Space | 66.25% Space Free | Partition Type: NTFS
Computer Name: GINA | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:TCP" = 1900:TCP:LocalSubNet:Enabled:UDP 1900
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Documents and Settings\Owner\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\Owner\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.)
"C:\WINDOWS\system32\dxdiag.exe" = C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)
"C:\Program Files\iWin Games\iWinGames.exe" = C:\Program Files\iWin Games\iWinGames.exe:*:Enabled:iWin Games application. -- (iWin Inc.)
"C:\Program Files\iWin Games\WebUpdater.exe" = C:\Program Files\iWin Games\WebUpdater.exe:*:Enabled:iWin Games updater. -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{04410044-9149-45C6-A806-F2BF9CFCE762}" = Microsoft Encarta Encyclopedia Standard 2004
"{069730C2-755A-485B-A205-27A1AAFA836A}" = InstantShareAlert
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0BDD3FAD-61CD-4BF3-B9C4-4CEFD43F53F8}" = Norton 360 HTMLHelp
"{0CE5F45E-F6CC-4638-B0DD-BB7F6EF56713}" = HP Deskjet D1500 Printer Driver Software 10.0 Rel .3
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{10399D88-1CDC-4250-B957-B471EDD68591}_is1" = Jane's Hotel 3
"{15565047-F5FB-4662-81D1-8A3EF376297E}_is1" = Cooking Dash DinerTown Studios
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{19D8CFB2-FDDB-4D95-A6B3-CFE3472C2ACF}_is1" = Fitness Dash
"{1C617650-8B88-48D6-A6A2-EBF1744AF372}_is1" = Cash Out
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{21829177-4DED-4209-AD08-490B3AC9C01A}" = Norton 360
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{24DF7221-644B-4C3A-A478-459502D40522}" = Backup
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26
"{27F00C63-449B-2FAB-CBE8-24AB80E17449}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29D4D03C-F70B-43d9-82E4-6E5696FB0D1D}" = IObit Toolbar v4.6
"{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}" = Data Lifeguard Tools
"{2D617065-1C52-4240-B5BC-C0AE12157777}" = Norton 360
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{305468A6-DE2D-43ba-A168-2F45A97A89DA}" = DJ_SF_03_D1500_Software_Min
"{3121F433-5BB6-4E8A-985A-A3F76B03160F}_is1" = Gold Miner Vegas
"{32C4660C-73A4-48AB-BDB6-231FF324DDEC}_is1" = Delicious 5
"{33BEE6F3-9987-4F98-A069-97A64EC8321A}" = Microsoft Works Suite Add-in for Microsoft Word
"{345034AE-5CB5-42C4-AA43-5993A6004927}_is1" = Ye Old Sandwich Shoppe
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3576A28B-6882-4790-B3C6-780DEA449806}_is1" = Jewel Quest Heritage
"{35BD3C84-8C9D-4ACB-BECF-C04E120D4807}_is1" = Cake Mania Main Street
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{38436888-9EAA-4cec-A56F-65B73D9D423C}" = D1500
"{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager
"{40B6149B-D1F4-4D61-9456-72C5D553110E}_is1" = Keys to Manhattan
"{42AEB776-99CB-4F34-803C-0F99180814B9}_is1" = Luxor 5th Passage
"{45690715-80A6-4445-B61D-ADEC5888E8CD}" = Symantec Technical Support Controls
"{49140327-BEBF-43dd-B386-43311A065609}" = hph_ProductContext
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E9751B6-9971-4CEA-8E95-252AD0C079E4}_is1" = Sushi Frenzy
"{530241F4-D15B-4E0B-B3F3-47F83BC285AA}" = STOPzilla
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5A07D8BC-C982-43B3-B24F-6FD8D6E89F02}_is1" = FileServe Manager 1.0.0.3024
"{5B2ABC0F-1F6D-4BC0-88DE-EF32EDA92B36}" = SymNet
"{5D9C3FCE-A8BA-42F0-9019-769A1CF9A7A9}" = hph_software
"{5DC0DF76-3B2F-4C38-BE34-58627949BC1A}" = Mega Manager
"{5E97B802-0F3E-4EF9-9CDA-E14B7E42BB49}_is1" = Casino Island To Go
"{60D7AF14-0A47-450E-9547-B96238B22B63}_is1" = Treasures of Montezuma 3
"{612AD33D-9824-4E87-8396-92374E91C4BB}_is1" = Inbox Toolbar
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{63B6AF9D-FB3C-4500-A67B-F51F38778CAE}_is1" = Cake Mania To the Max
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6CB9F96B-F6F9-4620-AB4D-CA8BBC04DA90}_is1" = Vacation Quest The Hawaiian Islands
"{70DECFBF-9119-4434-B2D3-A3C283D15E45}" = WeatherBug
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76BEC1D7-8A9F-472D-84C7-014BB155E4B2}" = HP Photosmart and Deskjet 7.0 Software
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{82C113AD-486F-4bd5-A2EA-2383AF57D084}" = D1500_Help
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113721697}" = Diner Dash Hometown Hero
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114079860}" = Tri Peaks 2 Quest For The Ruby Ring
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}" = Go Go Gourmet Chef of the Year
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116436960}" = Word Whomp( TM) Underground
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117336373}" = Diner Town Detective Agency
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119525623}" = Dream Day True Love
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{893429F2-083B-4F82-92DC-DFDC45E8503C}" = hph_readme
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A3BCBC4-301A-401A-9C6F-971A040CCCF8}_is1" = The Pirate Tales
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8B8240B3-891D-4965-AA51-8799622D44FF}" = DJ_SF_03_D1500_ProductContext
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{901E076E-371C-47A9-A5BA-37159F1C3887}_is1" = Luxor Adventures
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{911B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{92A83D67-8C71-45CB-A687-E45750E5177B}_is1" = Woodwille Chronicles
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{954615A2-881D-4A45-80C4-F26AB0378C9A}_is1" = Gourmania 3 Zoo Zoom
"{95E84093-017F-4819-A18F-EC72950850F0}_is1" = Sally's Studio
"{99082F38-3333-4C88-9C3B-C15E85A34D1D}_is1" = Paradise Quest
"{99089A57-141C-4B26-977A-520E812211FF}" = ASPCA Tri Reminder by We-Care.com
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9BEE12D0-C2BF-4865-A8F6-6F46577F4FB4}_is1" = Yard Sale Hidden Treasures Lucky Junction
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9FDE1FEB-6774-4F21-976A-6AD48BDE19A7}_is1" = Julia's Quest United Kingdom
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A89768CF-CD21-44FD-A723-16D5A8557415}" = NEF Codec
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA1675E3-4D03-4808-BDF5-992619544D12}" = Intel(R) Network Connections 16.4.69.0
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{B1421599-A42D-47ef-B512-B9B0317BD599}" = DJ_SF_03_D1500_Software
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B8AD00BF-50EC-4029-84DF-D325B41C2466}_is1" = Jewel Keepers Easter Island
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{B9966F27-9678-4620-9579-925E3084647E}" = Microsoft Works
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BBBF3122-9A09-40B2-A065-CD684059FB19}" = hph_software_req
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Photo Premium 9
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E425B12D-527B-4C80-8D0E-0B16A5D8BCBD}_is1" = Delicious Emily's Childhood Memories
"{E49D9754-D328-41DC-87DD-E6F02DE4B153}_is1" = Luxor HD
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F46F704F-25B7-40E9-9273-EB729A193744}_is1" = Jewel Quest Mysteries The Seventh Gate
"{F8EF4778-F413-4BC5-94F1-92C86F735D61}_is1" = Cooking Dash 3 Thrills and Spills
"{FAE873F5-4F09-4CCB-9F78-BDFADF295B92}_is1" = Delicious winter edition Deluxe
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"All Knight Diner (Diner Dash Hometown Hero - Gourmet)" = All Knight Diner (Diner Dash Hometown Hero - Gourmet)
"alotToolbar" = ALOT Toolbar
"Amazon Kindle" = Amazon Kindle
"am-burgerislandr2themissingingredient" = Burger Island(R) 2 - The Missing Ingredient
"am-cakemanialightscameraactiontm" = Cake Mania - Lights, Camera, Action!(TM)
"am-chroniclesofalbianthemagicconvention" = Chronicles of Albian - The Magic Convention
"am-farmfrenzy3madagascar" = Farm Frenzy 3 - Madagascar
"amg-10daysunderthesea" = 10 Days Under The Sea
"amg-1912titanicmystery" = 1912 Titanic Mystery
"amg-abundante" = Abundante!
"amg-bigcityadventuretmnewyorkcity" = Big City Adventure(TM) - New York City
"amg-bigkahunareef2chainreaction" = Big Kahuna Reef 2 - Chain Reaction
"amg-burgerbustle" = Burger Bustle
"amg-coffeerush" = Coffee Rush
"amg-coffeerush2" = Coffee Rush 2
"amg-cradleofrome2" = Cradle of Rome 2
"amg-cruisecluestmcaribbeanadventure" = Cruise Clues(TM) - Caribbean Adventure
"amg-cursedhouse" = Cursed House
"amg-darkparablescurseofbriarrose" = Dark Parables - Curse of Briar Rose
"amg-delicious2deluxe" = Delicious 2 Deluxe
"amg-deliciousemilysholidayseason" = Delicious - Emily's Holiday Season
"amg-deliciousemilystasteoffame" = Delicious - Emily's Taste of Fame
"amg-deliciousemilysteagarden" = Delicious - Emily's Tea Garden
"amg-detectiveagency" = Detective Agency
"amg-dominomastergold" = Domino Master Gold
"amg-dragonportals" = Dragon Portals
"amg-dragonstone" = Dragon Stone
"amg-dressuprush" = Dress Up Rush
"amg-farmfrenzy" = Farm Frenzy
"amg-farmfrenzy2" = Farm Frenzy 2
"amg-farmfrenzy3americanpie" = Farm Frenzy 3 - American Pie
"amg-farmfrenzypizzaparty" = Farm Frenzy - Pizza Party!
"amg-farmmania" = FarmMania
"amg-fashionassistant" = Fashion Assistant
"amg-fashionboutique" = Fashion Boutique
"amg-flashdating" = Flash Dating
"amg-gemsweeper" = Gemsweeper
"amg-goldfever" = Gold Fever
"amg-goldrushtreasurehunt" = Gold Rush - Treasure Hunt
"amg-gourmania" = Gourmania
"amg-heroesofkalevala" = Heroes of Kalevala
"amg-hiddenmagic" = Hidden Magic
"amg-hotdoghotshot" = Hotdog Hotshot
"amg-jessicascupcakecafe" = Jessica's Cupcake Cafe
"amg-jewelmatch2" = Jewel Match 2
"amg-kitchenbrigade" = Kitchen Brigade
"amg-liongthelostamulets" = Liong - The Lost Amulets
"amg-lostinreefs" = Lost in Reefs
"amg-luxorquestfortheafterlife" = Luxor - Quest for the Afterlife
"amg-mahjongginvestigationsundersuspicion" = Mahjongg Investigations - Under Suspicion
"amg-makingmrright" = Making Mr. Right
"amg-marykayandrewsthefixerupper" = Mary Kay Andrews - The Fixer Upper
"amg-matchmakerjoininghearts" = Matchmaker - Joining Hearts
"amg-memorabiliamiasmysteriousmemorymachine" = Memorabilia - Mia's Mysterious Memory Machine
"amg-mortimerbeckettandthetimeparadox" = Mortimer Beckett and the Time Paradox
"amg-mysterylegendstmsleepyhollow" = Mystery Legends™ - Sleepy Hollow
"amg-mysterystoriesislandofhope" = Mystery Stories - Island of Hope
"amg-mysticemporium" = Mystic Emporium
"am-gourmania2greatexpectations" = Gourmania 2 - Great Expectations
"amg-pennydreadfulstmsweeneytodd" = Penny Dreadfuls(TM) Sweeney Todd
"amg-picketfences" = Picket Fences
"amg-pizzachef" = Pizza Chef
"amg-poshboutique" = Posh Boutique
"amg-poshboutique2" = Posh Boutique 2
"amg-poshshop" = Posh Shop
"amg-rainforestadventure" = Rainforest Adventure
"amg-ranchrush" = Ranch Rush
"amg-sallysquickclips" = Sally's Quick Clips
"amg-sallyssalon" = Sally's Salon
"amg-sallysspa" = Sally's Spa
"amg-successstory" = Success Story
"amg-supermarketmanagement" = Supermarket Management
"amg-supermarketmania" = Supermarket Mania
"amg-supermarketmaniar2" = Supermarket Mania(R) 2
"amg-thelostcasesofsherlockholmes" = The Lost Cases of Sherlock Holmes
"amg-thetreasuresofmontezuma2" = The Treasures of Montezuma 2
"amg-thetreasuresofmysteryisland" = The Treasures of Mystery Island
"amg-tikibar" = TikiBar
"amg-tropicalfarm" = Tropical Farm
"amg-wizardland" = Wizard Land
"amg-wizardshat" = Wizard's Hat
"amg-wordtravels" = Word Travels
"amg-youdasushichef" = Youda Sushi Chef
"amg-zumadeluxe" = Zuma Deluxe
"am-hobbyfarm" = Hobby Farm
"am-mirielsenchantedmystery" = Miriel's Enchanted Mystery
"am-mortimerbeckettandthelostking" = Mortimer Beckett and the Lost King
"am-mortimerbeckettandthesecretsofspookymanor" = Mortimer Beckett and the Secrets of Spooky Manor
"am-ranchrushr2" = Ranch Rush(R) 2
"am-theclockworkmanthehiddenworld" = The Clockwork Man - The Hidden World
"am-thetreasuresofmysteryisland2thegatesoffate" = The Treasures of Mystery Island 2 - The Gates of Fate
"am-zumasrevengetmadventure" = Zuma's Revenge!(TM) - Adventure
"AquaPearls_is1" = AquaPearls
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"BDStudioGames_is1" = BDStudioGames
"BFG-Burger Shop 2" = Burger Shop 2
"BFGC" = Big Fish Games: Game Manager
"BFG-Cake Mania 3" = Cake Mania 3
"BFG-Cake Shop" = Cake Shop
"BFG-Cooking Quest" = Cooking Quest
"BFG-Dream Day First Home" = Dream Day First Home
"BFG-Dream Day Wedding - Married in Manhattan" = Dream Day Wedding: Married in Manhattan
"BFG-Restaurant Rush" = Restaurant Rush
"BFG-Sea Journey" = Sea Journey
"BFG-Turbo Fiesta" = Turbo Fiesta
"BFG-Turbo Pizza" = Turbo Pizza
"BFG-Turbo Subs" = Turbo Subs
"BFG-Wedding Dash 4-Ever" = Wedding Dash 4-Ever
"BFG-Wedding Salon" = Wedding Salon
"BFG-Yard Sale Hidden Treasures - Sunnyville" = Yard Sale Hidden Treasures: Sunnyville
"Burger Island" = Burger Island
"Burger Shop" = Burger Shop
"BurgerTime Deluxe" = BurgerTime Deluxe
"Cake Mania To the Max" = Cake Mania To the Max (remove only)
"cayahooantispy" = CA Yahoo! Anti-Spy (remove only)
"CenturyLink Remote Control" = CenturyLink Remote Control
"CheckIt Diagnostics" = CheckIt Diagnostics
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"conduitEngine" = Conduit Engine
"Cooking Dash" = Cooking Dash
"Delicious 2 Deluxe" = Delicious 2 Deluxe
"Diner Dash" = Diner Dash
"Diner Dash Hometown Hero - Gourmet" = Diner Dash Hometown Hero - Gourmet
"Dream Day First Home" = Dream Day First Home
"Excel" = Microsoft Excel 97
"Farm Frenzy: Gone Fishing" = Farm Frenzy: Gone Fishing
"FarmMania2_is1" = FarmMania2
"Fashion Dash" = Fashion Dash
"Game Booster_is1" = Game Booster
"GameBox" = GameBox Toolbar
"GamesBar" = GamesBar 2.0.1.81
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist 8.0.0.514
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Intel(R) 537EP V9x DF PCI Modem" = Intel(R) 537EP V9x DF PCI Modem
"IObit Malware Fighter_is1" = IObit Malware Fighter
"iWinArcade" = iWin Games (remove only)
"Jane's Hotel" = Jane's Hotel
"Jane's Hotel Family Hero" = Jane's Hotel Family Hero
"Jewel Quest" = Jewel Quest
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Outlook 98" = Microsoft Outlook 98
"Miriel the Magical Merchant" = Miriel the Magical Merchant
"Mortimer Beckett and the Secrets of Spooky Manor" = Mortimer Beckett and the Secrets of Spooky Manor
"Mozilla Firefox (2.0)" = Mozilla Firefox (2.0)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyPublisher" = MyPublisher
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OpenAL" = OpenAL
"Pharaoh's Feast (Diner Dash Hometown Hero - Gourmet)" = Pharaoh's Feast (Diner Dash Hometown Hero - Gourmet)
"PictureIt_v9" = Microsoft Picture It! Photo Premium 9
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"Ranch Rush_is1" = Ranch Rush
"RealArcade" = RealArcade
"RealoreStudios Toolbar" = RealoreStudios Toolbar
"RealPlayer 12.0" = RealPlayer
"Reel Deal Slot Quest: Alice in Wonderland" = Reel Deal Slot Quest: Alice in Wonderland (remove only)
"Reel Deal Slot Quest: Under the Sea" = Reel Deal Slot Quest: Under the Sea (remove only)
"Romantic Rendezvous Restaurant (Diner Dash Hometown Hero - Gourmet)" = Romantic Rendezvous Restaurant (Diner Dash Hometown Hero - Gourmet)
"Sandlot Connect_is1" = Sandlot Connect Version 1.2.6
"Sara's Super Spa Deluxe" = Sara's Super Spa Deluxe
"SearchElf_1.1 Toolbar" = SearchElf 1.1 Toolbar
"Shockwave" = Shockwave
"Shop for HP Supplies" = Shop for HP Supplies
"Smart Defrag_is1" = Smart Defrag
"Sweet Home 3D_is1" = Sweet Home 3D version 2.6
"SymSetup.{2D617065-1C52-4240-B5BC-C0AE12157777}" = Norton 360 (Symantec Corporation)
"SystemRequirementsLab" = System Requirements Lab
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The Dash Slipper (Diner Dash Hometown Hero - Gourmet)" = The Dash Slipper (Diner Dash Hometown Hero - Gourmet)
"UnityWebPlayer" = Unity Web Player
"Waterpark Madness Restaurant (Diner Dash Hometown Hero - Gourmet)" = Waterpark Madness Restaurant (Diner Dash Hometown Hero - Gourmet)
"Web Games Player Plugin" = Web Games Player Plugin
"Wedding Dash 2" = Wedding Dash 2
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2004Setup" = Microsoft Works 2004 Setup Launcher
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"X mas Blox_is1" = X mas Blox
"XfireXO Toolbar" = XfireXO Toolbar
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"309a46b1dc89b774" = Dell Driver Download Manager
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8/11/2011 5:55:05 PM | Computer Name = GINA | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication
Foundation\ComSvcConfig.exe . Error code = 0x80070020
Error - 8/11/2011 5:58:53 PM | Computer Name = GINA | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: System.Workflow.ComponentModel, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020
Error - 8/12/2011 4:27:45 AM | Computer Name = GINA | Source = Application Error | ID = 1000
Description = Faulting application quickclips.exe, version 0.0.0.0, faulting module
quickclips.exe, version 0.0.0.0, fault address 0x0024763a.
Error - 8/13/2011 2:51:44 AM | Computer Name = GINA | Source = Application Error | ID = 1000
Description = Faulting application jewel quest mysteries the seventh gate.exe, version
0.0.0.0, faulting module jewel quest mysteries the seventh gate.exe, version 0.0.0.0,
fault address 0x0000335a.
Error - 8/17/2011 1:20:41 PM | Computer Name = GINA | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module mshtml.dll, version 8.0.6001.19120, fault address 0x00067b98.
Error - 8/18/2011 5:58:52 PM | Computer Name = GINA | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module user32.dll, version 5.1.2600.5512, fault address 0x0001b38b.
[ System Events ]
Error - 8/20/2011 4:10:37 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
Error - 8/20/2011 4:10:37 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
IntelIde
Error - 8/20/2011 6:54:30 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
Error - 8/20/2011 6:54:30 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
IntelIde
Error - 8/20/2011 7:02:37 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
Error - 8/20/2011 7:02:37 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
IntelIde
Error - 8/20/2011 9:43:30 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
Error - 8/20/2011 9:43:30 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
IntelIde
Error - 8/20/2011 10:34:04 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
Error - 8/20/2011 10:34:04 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
IntelIde
< End of report >
aswMBR version 0.9.8.978 Copyright(c) 2011 AVAST Software
Run date: 2011-08-21 05:17:49
-----------------------------
05:17:49.781 OS Version: Windows 5.1.2600 Service Pack 3
05:17:49.781 Number of processors: 1 586 0x304
05:17:49.812 ComputerName: GINA UserName:
05:17:52.671 Initialize success
05:23:40.375 AVAST engine defs: 11082100
05:24:47.703 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
05:24:47.750 Disk 0 Vendor: WDC_WD1600AAJB-00PVA0 00.07H00 Size: 152627MB BusType: 3
05:24:49.828 Disk 0 MBR read successfully
05:24:49.828 Disk 0 MBR scan
05:24:49.890 Disk 0 Windows XP default MBR code
05:24:49.906 Disk 0 scanning sectors +312560640
05:24:49.968 Disk 0 scanning C:\WINDOWS\system32\drivers
05:25:03.218 Service scanning
05:25:05.937 Modules scanning
05:25:19.296 Disk 0 trace - called modules:
05:25:19.421 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys
05:25:19.421 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x82ef3ab8]
05:25:19.421 3 CLASSPNP.SYS[f8728fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x82f4a998]
05:25:27.375 AVAST engine scan C:\WINDOWS
05:25:35.031 AVAST engine scan C:\WINDOWS\system32
05:27:36.906 AVAST engine scan C:\WINDOWS\system32\drivers
05:27:53.468 AVAST engine scan C:\Documents and Settings\Owner
05:36:24.625 File: C:\Documents and Settings\Owner\Desktop\OTL.com **INFECTED** Win32:Rootkit-gen [Rtk]
05:39:01.671 File: C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\WAZCDVSZ\OTL[1].com **INFECTED** Win32:Rootkit-gen [Rtk]
05:39:52.296 AVAST engine scan C:\Documents and Settings\All Users
05:48:56.687 Scan finished successfully
05:49:58.156 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
05:49:58.234 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"
07:20:33.671 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
07:20:33.968 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"
Results of screen317's Security Check version 0.99.18
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
Norton 360
McAfee Security Scan Plus
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:
CA Yahoo! Anti-Spy (remove only)
SUPERAntiSpyware
Java(TM) 6 Update 26
Out of date Java installed!
Flash Player Out of Date!
Adobe Flash Player 10.0.22.87
Adobe Reader X (10.1.0)
Mozilla Firefox (2.0.) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Norton ccSvcHst.exe
IObit IObit Malware Fighter IMFsrv.exe
IObit IObit Malware Fighter IMF.exe
``````````End of Log````````````
The OTL.Txt is attached
Thanks again!
"Miriel the Magical Merchant" = Miriel the Magical Merchant
"Mortimer Beckett and the Secrets of Spooky Manor" = Mortimer Beckett and the Secrets of Spooky Manor
"Mozilla Firefox (2.0)" = Mozilla Firefox (2.0)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyPublisher" = MyPublisher
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OpenAL" = OpenAL
"Pharaoh's Feast (Diner Dash Hometown Hero - Gourmet)" = Pharaoh's Feast (Diner Dash Hometown Hero - Gourmet)
"PictureIt_v9" = Microsoft Picture It! Photo Premium 9
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"Ranch Rush_is1" = Ranch Rush
"RealArcade" = RealArcade
"RealoreStudios Toolbar" = RealoreStudios Toolbar
"RealPlayer 12.0" = RealPlayer
"Reel Deal Slot Quest: Alice in Wonderland" = Reel Deal Slot Quest: Alice in Wonderland (remove only)
"Reel Deal Slot Quest: Under the Sea" = Reel Deal Slot Quest: Under the Sea (remove only)
"Romantic Rendezvous Restaurant (Diner Dash Hometown Hero - Gourmet)" = Romantic Rendezvous Restaurant (Diner Dash Hometown Hero - Gourmet)
"Sandlot Connect_is1" = Sandlot Connect Version 1.2.6
"Sara's Super Spa Deluxe" = Sara's Super Spa Deluxe
"SearchElf_1.1 Toolbar" = SearchElf 1.1 Toolbar
"Shockwave" = Shockwave
"Shop for HP Supplies" = Shop for HP Supplies
"Smart Defrag_is1" = Smart Defrag
"Sweet Home 3D_is1" = Sweet Home 3D version 2.6
"SymSetup.{2D617065-1C52-4240-B5BC-C0AE12157777}" = Norton 360 (Symantec Corporation)
"SystemRequirementsLab" = System Requirements Lab
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The Dash Slipper (Diner Dash Hometown Hero - Gourmet)" = The Dash Slipper (Diner Dash Hometown Hero - Gourmet)
"UnityWebPlayer" = Unity Web Player
"Waterpark Madness Restaurant (Diner Dash Hometown Hero - Gourmet)" = Waterpark Madness Restaurant (Diner Dash Hometown Hero - Gourmet)
"Web Games Player Plugin" = Web Games Player Plugin
"Wedding Dash 2" = Wedding Dash 2
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2004Setup" = Microsoft Works 2004 Setup Launcher
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"X mas Blox_is1" = X mas Blox
"XfireXO Toolbar" = XfireXO Toolbar
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"309a46b1dc89b774" = Dell Driver Download Manager
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8/11/2011 5:55:05 PM | Computer Name = GINA | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication
Foundation\ComSvcConfig.exe . Error code = 0x80070020
Error - 8/11/2011 5:58:53 PM | Computer Name = GINA | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: System.Workflow.ComponentModel, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020
Error - 8/12/2011 4:27:45 AM | Computer Name = GINA | Source = Application Error | ID = 1000
Description = Faulting application quickclips.exe, version 0.0.0.0, faulting module
quickclips.exe, version 0.0.0.0, fault address 0x0024763a.
Error - 8/13/2011 2:51:44 AM | Computer Name = GINA | Source = Application Error | ID = 1000
Description = Faulting application jewel quest mysteries the seventh gate.exe, version
0.0.0.0, faulting module jewel quest mysteries the seventh gate.exe, version 0.0.0.0,
fault address 0x0000335a.
Error - 8/17/2011 1:20:41 PM | Computer Name = GINA | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module mshtml.dll, version 8.0.6001.19120, fault address 0x00067b98.
Error - 8/18/2011 5:58:52 PM | Computer Name = GINA | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module user32.dll, version 5.1.2600.5512, fault address 0x0001b38b.
[ System Events ]
Error - 8/20/2011 4:10:37 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
Error - 8/20/2011 4:10:37 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
IntelIde
Error - 8/20/2011 6:54:30 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
Error - 8/20/2011 6:54:30 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
IntelIde
Error - 8/20/2011 7:02:37 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
Error - 8/20/2011 7:02:37 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
IntelIde
Error - 8/20/2011 9:43:30 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
Error - 8/20/2011 9:43:30 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
IntelIde
Error - 8/20/2011 10:34:04 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
Error - 8/20/2011 10:34:04 PM | Computer Name = GINA | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
IntelIde
< End of report >
aswMBR version 0.9.8.978 Copyright(c) 2011 AVAST Software
Run date: 2011-08-21 05:17:49
-----------------------------
05:17:49.781 OS Version: Windows 5.1.2600 Service Pack 3
05:17:49.781 Number of processors: 1 586 0x304
05:17:49.812 ComputerName: GINA UserName:
05:17:52.671 Initialize success
05:23:40.375 AVAST engine defs: 11082100
05:24:47.703 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
05:24:47.750 Disk 0 Vendor: WDC_WD1600AAJB-00PVA0 00.07H00 Size: 152627MB BusType: 3
05:24:49.828 Disk 0 MBR read successfully
05:24:49.828 Disk 0 MBR scan
05:24:49.890 Disk 0 Windows XP default MBR code
05:24:49.906 Disk 0 scanning sectors +312560640
05:24:49.968 Disk 0 scanning C:\WINDOWS\system32\drivers
05:25:03.218 Service scanning
05:25:05.937 Modules scanning
05:25:19.296 Disk 0 trace - called modules:
05:25:19.421 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys
05:25:19.421 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x82ef3ab8]
05:25:19.421 3 CLASSPNP.SYS[f8728fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x82f4a998]
05:25:27.375 AVAST engine scan C:\WINDOWS
05:25:35.031 AVAST engine scan C:\WINDOWS\system32
05:27:36.906 AVAST engine scan C:\WINDOWS\system32\drivers
05:27:53.468 AVAST engine scan C:\Documents and Settings\Owner
05:36:24.625 File: C:\Documents and Settings\Owner\Desktop\OTL.com **INFECTED** Win32:Rootkit-gen [Rtk]
05:39:01.671 File: C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\WAZCDVSZ\OTL[1].com **INFECTED** Win32:Rootkit-gen [Rtk]
05:39:52.296 AVAST engine scan C:\Documents and Settings\All Users
05:48:56.687 Scan finished successfully
05:49:58.156 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
05:49:58.234 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"
07:20:33.671 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
07:20:33.968 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"
Results of screen317's Security Check version 0.99.18
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
Norton 360
McAfee Security Scan Plus
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:
CA Yahoo! Anti-Spy (remove only)
SUPERAntiSpyware
Java(TM) 6 Update 26
Out of date Java installed!
Flash Player Out of Date!
Adobe Flash Player 10.0.22.87
Adobe Reader X (10.1.0)
Mozilla Firefox (2.0.) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Norton ccSvcHst.exe
IObit IObit Malware Fighter IMFsrv.exe
IObit IObit Malware Fighter IMF.exe
``````````End of Log````````````
The OTL.Txt is attached
Thanks again!