Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Help wanted!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Help wanted!

Unread postby Dorothy » November 16th, 2010, 9:49 pm

My Problem:

Browser hijacks, lots of them to epoclick, gugle (sp?), The Click Check, Lycos, to other search engines, and to many other sites that are NOT search engines, just junk. Have had system turn off during boot up too a few times, which is kind scary.


HiJackThis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:33:01 PM, on 11/16/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\iGive_Toolbar\igvtt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Documents and Settings\Dot\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\iGive_Toolbar\igvtp.exe
C:\Documents and Settings\Dot\My Documents\Downloads\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dot\My Documents\Downloads\HijackThis(2).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ms101.mysearch.com/sa/srchlft.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: (no name) - {b6a73a11-0161-bbd1-427e-0c61e7e66e17} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O3 - Toolbar: (no name) - {FA73AE1B-4BA9-4E8B-832B-54A287FF1B7F} - (no file)
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igvtm] "C:\Program Files\iGive_Toolbar\igvtt.exe"
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Dot\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google AdSense Preview Tool - http://pagead2.googlesyndication.com/pa ... eview.html
O8 - Extra context menu item: iGive Toolbar - file://C:\Documents and Settings\Dot\Application Data\iGive_Toolbar\igvtt\igvtC5.htm
O8 - Extra context menu item: Save Flash - res://C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/217
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\WINDOWS\System32\shdocvw.dll (HKCU)
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {11A02365-2859-4598-A9D5-4FDE99D67723} - http://www.pqprintcenter.com/plugin/axv ... ck1611.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} - http://makeover.ivillage.co.uk/save/makeover.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} - http://picasaweb.google.com/s/v/56.25/uploader2.cab
O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} (MSN Money Charting) - http://moneycentral.msn.com/cabs/pmupd806.exe
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - http://picasaweb.google.com/s/v/54.16/uploader2.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.7.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqna/downloads/sysinfo.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/share ... insctl.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://sidestep.com/get/k00719/sb02a.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp.com/rdqna/downloads/msxml4.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4056/ ... oupons.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} - http://merillat.view22.com/view22/roomapp/View22RTE.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/share ... cgdmgr.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O20 - Winlogon Notify: TPSvc - TPSvc.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Intel NCS NetService (NetSvc) - Unknown owner - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: QoS RSVP (RSVP) - Unknown owner - C:\WINDOWS\System32\rsvp.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 14496 bytes

Uninstall List

ActiveState Komodo Edit 5.2.4
Adobe Download Manager 1.2 (Remove Only)
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 6.0
Adobe Reader 6.0.1
Adobe Reader 9.4.0
Adobe Shockwave Player 11.5
Advanced SystemCare 3
Any Video Converter 3.0.7
AnyTime Deluxe Edition 7.1
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atrise ToHTML 2.1.0
AVG 2011
AVG 2011
AVG 2011
Bink and Smacker
Brother MFL-Pro Suite
CCleaner
CoffeeCup Flash FireStarter
ColorSelectStudio
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Solution Center
Dell Support 3.1
Dell Support Center (Support Software)
DellSupport
ESSSONIC
Eye Candy 4000
Flash Saving Plugin
Flash Text Fader 1.0
FoneSync
Free Convert MPEG WMV to MP4 FLV AVI Converter 5.8
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HTML Slideshow Powertoy for Windows XP
iGive Toolbar
Indeo® Software
Intel(R) 537EP V9x DF PCI Modem
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet
Internet Explorer Default Page
iPod for Windows 2006-06-28
iTunes
J2SE Runtime Environment 5.0 Update 2
J2SE Runtime Environment 5.0 Update 4
J2SE Runtime Environment 5.0 Update 6
Java 2 Runtime Environment, SE v1.4.2_03
Java 2 Runtime Environment, SE v1.4.2_05
Java 2 Runtime Environment, SE v1.4.2_06
Java(TM) 6 Update 2
Java(TM) 6 Update 21
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
kgcbase
K-Lite Codec Pack 4.0.0 (Full)
Listen Rhapsody
Macromedia Dreamweaver 4
Macromedia Flash 5
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft FrontPage 2000
Microsoft Image Composer 1.5
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft Office Converter Pack
Microsoft Office Outlook 2003 with Business Contact Manager Update
Microsoft Office PowerPoint 2003 Template Creation Wizard
Microsoft Office PowerPoint 2003 Template Pack 1
Microsoft Office PowerPoint 2003 Template Pack 2
Microsoft Office PowerPoint 2003 Template Pack 3
Microsoft Office PowerPoint Viewer 2003
Microsoft Office Professional Edition 2003
Microsoft Producer for Microsoft Office PowerPoint 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works 2001 Setup Launcher
Microsoft Works 6.0
Microsoft Works 6-9 Converter
Microsoft Works Suite Add-in for Microsoft Word
Modem Event Monitor
Modem Helper
Modem On Hold
Mozilla Firefox (3.5.7)
MSN Money Investment Toolbox
MSN Music Assistant
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB954459)
NeoTrace Express 3.25
Nvu 1.0
OGA Notifier 2.0.0048.0
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00
Paint Shop Pro 5.01
Paint Shop Pro 7 ESD
PaperPort
PDF reDirect (remove only)
Photo Story 3 for Windows
Picasa 3
QuickTime
RealPlayer
RealUpgrade 1.0
Search Settings 1.2
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Smart Defrag
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
SonicStage 4.3
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
STOPzilla
SureThing CD Labeler - Stomper Edition 32 bit
SWF Opener
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WeatherBug
WebCyberCoach 3.2 Dell
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Imaging Component
Windows Internet Explorer 8
Windows Live installer
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 10
Windows Presentation Foundation
Windows XP Service Pack 3
WinZip
WordPerfect Office 12
Zoombinis Logical Journey(TM)

MANY THANKS FOR ANY HELP
Dorothy
Regular Member
 
Posts: 49
Joined: November 16th, 2010, 8:36 pm
Advertisement
Register to Remove

Re: Help wanted!

Unread postby MWR 3 day Mod » November 20th, 2010, 2:42 am

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: Help wanted!

Unread postby melboy » November 20th, 2010, 7:31 pm

Hi and welcome to the MR forums. :)

I'm melboy and I am going to try to help you with your problem. Please take note of the following:

  1. I will be working on your Malware issues this may or may not solve other issues you have with your machine.
  2. The fixes are specific to your problem and should only be used for this issue on this machine.
  3. If you don't know or understand something, please don't hesitate to ask.
  4. Please refrain from making any further changes to your computer (Install/Uninstall programs, delete files, edit the registry, etc...)
  5. Please DO NOT run any other tools or scans whilst I am helping you.
  6. It is important that you reply to this thread. Do not start a new topic.
  7. DO NOT attach logs unless requested to. Please copy/paste all requested logs into your replies.
  8. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  9. Absence of symptoms does not mean that everything is clear.


NOTE: Please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.


IMPORTANT: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.



No Reply Within 3 Days Will Result In Your Topic Being Closed!! If you need more time, please inform me.


======================================================


DDS

Please download DDS from one of the links below and save it to your desktop:

Link1
Link2
Link3

Temporarily disable any real-time active protection and then double click dds.scr to run the tool. A command window will appear, this is normal.

Image
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt
  • Save both reports to your desktop.

Please copy & paste the contents of :
  • DDS.txt
  • Attach.txt
And post them in your next reply.



Gmer

Download GMER Rootkit Scanner from here.

  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double click the .exe file. If asked to allow gmer.sys driver to load, please consent
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
    See image below
    Image
  • Then click the Scan button & wait for it to finish
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file
  • Save it where you can easily find it, such as your desktop, and post it in your next reply
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

-- If GMER crashes or results in a BSoD, please inform me --

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries





Note: Do not run any programs while Gmer is running.
In your next reply:
  1. DDS.txt
  2. Attach.txt
  3. GMER log
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

dds.txt AND sttach .txt

Unread postby Dorothy » November 21st, 2010, 4:46 pm

DDS.TXT:

DDS (Ver_10-11-10.01) - NTFSx86
Run by Dot at 13:29:22.14 on Sun 11/21/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1197 [GMT -

7:00]

AV: AVG Anti-Virus Free Edition 2011 *On-access scanning disabled* (Updated)

{17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device

Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\iGive_Toolbar\igvtt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\iGive_Toolbar\igvtp.exe
C:\Documents and Settings\Dot\Local Settings\Application

Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dot\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.dell4me.com/myway
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mSearch Bar = hxxp://ms101.mysearch.com/sa/srchlft.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} -

c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program

files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program

files\avg\avg10\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} -

c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - No File
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} -

c:\windows\system32\dla\tfswshx.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} -

c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: {b6a73a11-0161-bbd1-427e-0c61e7e66e17} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} -

c:\program files\java\jre6\bin\jp2ssv.dll
BHO: STOPzilla Browser Helper Object: {e3215f20-3212-11d6-9f8b-00d0b743919d} -

c:\program files\stopzilla!\SZIEBHO.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} -

c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File
TB: {BA52B914-B692-46c4-B683-905236F6F655} - No File
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: iGive Toolbar: {fa73ae1b-4ba9-4e8b-832b-54a287ff1b7f} - c:\program

files\igive_toolbar\igvtb.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program

files\yahoo!\companion\installs\cpn1\yt.dll
TB: {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search &

destroy\TeaTimer.exe
uRun: [Google Update] "c:\documents and settings\dot\local

settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1
uRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3

\AWC.exe" /startup
uRun: [swg] "c:\program

files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [PaperPort PTD] c:\program files\scansoft\paperport\pptd40nt.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igvtm] "c:\program files\igive_toolbar\igvtt.exe"
mRun: [IndexSearch] c:\program files\scansoft\paperport\IndexSearch.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [dellsupportcenter] "c:\program files\dell support

center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [dscactivate] "c:\program files\dell support

center\gs_agent\custom\dsca.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0

\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk -

c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~2.lnk -

c:\program files\microsoft office\office\OSA9.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk -

c:\program files\common files\microsoft shared\works shared\wkcalrem.exe
IE: &NeoTrace It! - c:\progra~1\neotra~1\NTXcontext.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google AdSense Preview Tool -

http://pagead2.googlesyndication.com/pa ... eview.html
IE: iGive Toolbar - file://c:\documents and settings\dot\application

data\igive_toolbar\igvtt\igvtC5.htm
IE: Save Flash - c:\program files\unh solutions\flash saving

plugin\FlashSButton.dll/210
IE: Save YouTube Video - c:\program files\unh solutions\flash saving

plugin\FlashSButton.dll/217
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network

Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program

files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-

96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-

206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} -

hxxp://support.dell.com/systemprofiler/SysPro.CAB
DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} -

hxxp://download.microsoft.com/download/ ... 49da-8356-

bc4132038945/VirtualEarth3D.cab
DPF: {11A02365-2859-4598-A9D5-4FDE99D67723} -

hxxp://www.pqprintcenter.com/plugin/axv ... ck1611.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} -

hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} -

hxxp://makeover.ivillage.co.uk/save/makeover.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!

\common\yinsthelper.dll
DPF: {31435657-9980-0010-8000-00AA00389B71} -

hxxp://download.microsoft.com/download/ ... 48b7-adab-

ab9c403a978f/wvc1dmo.cab
DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} -

hxxp://picasaweb.google.com/s/v/56.25/uploader2.cab
DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} -

hxxp://moneycentral.msn.com/cabs/pmupd806.exe
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -

hxxp://office.microsoft.com/officeupdat ... /opuc3.cab
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} -

hxxp://photos.walmart.com/WalmartActivia.cab
DPF: {474F00F5-3853-492C-AC3A-476512BBC336} -

hxxp://picasaweb.google.com/s/v/54.16/uploader2.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} -

hxxp://dlm.tools.akamai.com/dlmanager/v ... m-activex-

2.2.5.7.cab
DPF: {49232000-16E4-426C-A231-62846947304B} -

hxxp://ipgweb.cce.hp.com/rdqna/downloads/sysinfo.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -

hxxp://download.mcafee.com/molbin/shared/mcinsctl/en-

us/4,0,0,84/mcinsctl.cab
DPF: {55027008-315F-4F45-BBC3-8BE119764741} -

hxxp://www.slide.com/uploader/SlideImageUploader.cab
DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} -

hxxp://sidestep.com/get/k00719/sb02a.cab
DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} -

hxxp://www.nick.com/common/groove/gx/GrooveAX27.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} -

hxxp://upload.facebook.com/controls/200 ... toUploader

55.cab
DPF: {88D969C0-F192-11D4-A65F-0040963251E5} -

hxxp://ipgweb.cce.hp.com/rdqna/downloads/msxml4.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -

hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -

hxxp://fpdownload.macromedia.com/get/fl ... /ultrashim

.cab
DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} -

hxxp://a19.g.akamai.net/7/19/7125/4056/ ... oupons.cab
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} -

hxxp://www.crucial.com/controls/cpcScanner.cab
DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} -

hxxp://merillat.view22.com/view22/roomapp/View22RTE.cab
DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -

hxxp://download.mcafee.com/molbin/share ... cgdmgr.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} -

hxxp://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} -

hxxp://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} -

hxxp://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} -

hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} -

hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -

hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} -

hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} -

hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} -

hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} -

hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} -

hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -

hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -

hxxp://fpdownload.macromedia.com/pub/sh ... wflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program

files\avg\avg10\avgpp.dll
Notify: igfxcui - igfxdev.dll
Notify: TPSvc - TPSvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} -

c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\dot\applic~1

\mozilla\firefox\profiles\9e1n9hmj.default\
FF - prefs.js: browser.search.defaulturl -

hxxp://search.conduit.com/ResultsExt.as ... ource=3&q=

{searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://bing.zugotoolbar.com/s/?iesrc=IE-

Address&site=Bing&q=
FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll
FF - component: c:\program

files\igive_toolbar\igffx\components\LVCoordinator.dll
FF - plugin: c:\documents and settings\all users\application

data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.d

ll
FF - plugin: c:\documents and settings\dot\local settings\application

data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592

\npCIDetect13.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\picasa2\npPicasa2.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-

80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows

presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program

files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program

files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - HiddenExtension: LoudMo Contextual Ad Assistant: No Registry Reference -

c:\program files\mozilla firefox\extensions\{ed44922c-01f3-56a8-cda1-

afadb1e91cde}

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: google.toolbar.linkdoctor.enabled - false
c:\program files\mozilla firefox\greprefs\all.js - pref

("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref

("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref

("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref

("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref

("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref

("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref

("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref

("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref

("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref

("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13

25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys

[2010-9-7 26064]
R0 szkg5;szkg5;c:\windows\system32\drivers\SZKG.sys [2009-12-7 61328]
R0 szkgfs;szkgfs;c:\windows\system32\drivers\SZKGFS.sys [2010-5-12 59280]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys

[2010-9-7 249424]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32

\drivers\avgmfx86.sys [2010-9-7 34384]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7

298448]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity

protection\agent\bin\AVGIDSAgent.exe [2010-10-11 6104656]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-9-10

265400]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program

files\viewpoint\common\ViewpointService.exe [2007-1-11 24652]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys

[2010-8-19 123472]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys

[2010-8-19 30288]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-

19 26192]
S0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys [2009-12-7 61328]
S2 gupdate;Google Update Service (gupdate);c:\program

files\google\update\GoogleUpdate.exe [2009-12-22 135664]
S3 385ecfecf477f8e7;385ecfecf477f8e7;\??\c:\385ecfecf477f8e7.dat -->

c:\385ecfecf477f8e7.dat [?]
S3 f3a2be184315b053;f3a2be184315b053;\??\c:\f3a2be184315b053.dat -->

c:\f3a2be184315b053.dat [?]

=============== Created Last 30 ================

2010-11-17 01:01:22 -------- d-----w- c:\documents and

settings\dot\HijackThis logs
2010-11-12 18:46:58 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-10 15:41:13 38224 ----a-w- c:\windows\system32

\drivers\mbamswissarmy.sys
2010-11-10 15:41:11 20952 ----a-w- c:\windows\system32

\drivers\mbam.sys
2010-11-03 13:14:39 -------- d-----w- c:\docume~1\dot\applic~1

\PCDr
2010-10-25 22:58:50 -------- d-----w- c:\program

files\STOPzilla!
2010-10-25 22:58:48 -------- d-----w- c:\program files\common

files\iS3
2010-10-25 22:58:47 -------- d-----w- c:\docume~1\alluse~1

\applic~1\STOPzilla!
2010-10-24 01:07:40 22992 ----a-r- c:\windows\system32\SZIO5.dll
2010-10-24 01:07:40 132560 ----a-r- c:\windows\system32\IS3HTUI5.dll
2010-10-24 01:07:38 546256 ----a-r- c:\windows\system32\SZComp5.dll
2010-10-24 01:07:38 452048 ----a-r- c:\windows\system32\SZBase5.dll
2010-10-24 01:07:38 398800 ----a-r- c:\windows\system32\IS3DBA5.dll
2010-10-24 01:07:38 28624 ----a-r- c:\windows\system32\IS3XDat5.dll
2010-10-24 01:07:36 99792 ----a-r- c:\windows\system32\IS3Svc5.dll
2010-10-24 01:07:36 99792 ----a-r- c:\windows\system32\IS3Inet5.dll
2010-10-24 01:07:36 67024 ----a-r- c:\windows\system32\IS3Hks5.dll
2010-10-24 01:07:34 738768 ----a-r- c:\windows\system32\IS3Base5.dll
2010-10-24 01:07:34 390608 ----a-r- c:\windows\system32\IS3UI5.dll
2010-10-24 01:07:34 230864 ----a-r- c:\windows\system32

\IS3Win325.dll

==================== Find3M ====================

2010-09-18 18:23:26 974848 ------w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58:06 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2004-09-08 02:10:44 16706160 -c--a-w- c:\program

files\AdbeRdr60_enu_full.exe

============= FINISH: 13:31:19.12 ===============
ATTACH.TXT

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-11-10.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 8/31/2004 5:06:44 PM
System Uptime: 11/21/2010 7:45:33 AM (6 hours ago)

Motherboard: Dell Computer Corp. | | 0F4491
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | Microprocessor |

2793/800mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 145 GiB total, 106.407 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
Description:
Device ID: ROOT\IMAGE\0001
Manufacturer:
Name:
PNP Device ID: ROOT\IMAGE\0001
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Parallel Device
Device ID: ROOT\LEGACY_HPFECP06\0000
Manufacturer:
Name: Parallel Device
PNP Device ID: ROOT\LEGACY_HPFECP06\0000
Service: HPFECP06

==== System Restore Points ===================

RP2375: 10/15/2010 8:25:40 AM - System Checkpoint
RP2376: 10/15/2010 9:30:00 AM - System Checkpoint
RP2377: 10/15/2010 12:14:03 PM - Software Distribution Service 3.0
RP2378: 10/16/2010 9:45:28 PM - System Checkpoint
RP2379: 10/17/2010 3:00:50 AM - Software Distribution Service 3.0
RP2380: 10/17/2010 10:16:29 PM - Software Distribution Service 3.0
RP2381: 10/19/2010 8:23:09 AM - System Checkpoint
RP2382: 10/20/2010 8:37:03 AM - System Checkpoint
RP2383: 10/21/2010 9:05:14 AM - System Checkpoint
RP2384: 10/3/2010 10:16:30 AM - System Checkpoint
RP2385: 10/5/2010 12:58:40 AM - System Checkpoint
RP2386: 10/24/2010 10:08:16 AM - System Checkpoint
RP2387: 10/25/2010 11:11:47 AM - System Checkpoint
RP2388: 10/25/2010 4:58:27 PM - Installed STOPzilla. Available with

Windows Installer version 1.2 and later.
RP2389: 10/26/2010 5:38:29 PM - System Checkpoint
RP2390: 10/27/2010 6:44:19 PM - System Checkpoint
RP2391: 10/28/2010 7:38:30 PM - System Checkpoint
RP2392: 10/29/2010 9:28:41 PM - System Checkpoint
RP2393: 10/30/2010 9:38:29 PM - System Checkpoint
RP2394: 10/31/2010 10:05:49 PM - System Checkpoint
RP2395: 11/1/2010 10:50:37 PM - System Checkpoint
RP2396: 11/2/2010 11:19:20 PM - System Checkpoint
RP2397: 11/3/2010 7:43:15 AM - Removed Dell Support Center (Support

Software).
RP2398: 11/4/2010 9:40:15 AM - Removed Dell Support Center (Support

Software).
RP2399: 11/4/2010 7:01:31 PM - Installed Windows XP -- Software Updates

KB952011.
RP2400: 11/5/2010 7:55:36 PM - System Checkpoint
RP2401: 11/6/2010 7:28:07 PM - System Checkpoint
RP2402: 11/7/2010 7:44:07 PM - System Checkpoint
RP2403: 11/8/2010 8:29:05 PM - System Checkpoint
RP2404: 11/10/2010 6:44:31 AM - System Checkpoint
RP2405: 11/10/2010 10:18:25 PM - Software Distribution Service 3.0
RP2406: 11/12/2010 8:23:42 AM - System Checkpoint
RP2407: 11/13/2010 9:21:32 AM - System Checkpoint
RP2408: 11/14/2010 9:34:17 AM - System Checkpoint
RP2409: 11/14/2010 3:29:30 PM - Removed Bonjour
RP2410: 11/14/2010 3:32:15 PM - Removed Cooliris for Internet Explorer
RP2411: 11/15/2010 8:18:29 AM - Advanced SystemCare RestorePoint
RP2412: 11/16/2010 10:21:22 AM - System Checkpoint
RP2413: 11/17/2010 10:36:51 AM - System Checkpoint
RP2414: 11/18/2010 7:45:11 PM - System Checkpoint
RP2415: 11/19/2010 9:29:25 PM - System Checkpoint
RP2416: 11/20/2010 9:29:51 PM - System Checkpoint

==== Installed Programs ======================

ActiveState Komodo Edit 5.2.4
Adobe Download Manager 1.2 (Remove Only)
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 6.0
Adobe Reader 6.0.1
Adobe Reader 9.4.0
Adobe Shockwave Player 11.5
Advanced SystemCare 3
Any Video Converter 3.0.7
AnyTime Deluxe Edition 7.1
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atrise ToHTML 2.1.0
AVG 2011
Banctec Service Agreement
Bink and Smacker
Brother MFL-Pro Suite
CCleaner
CoffeeCup Flash FireStarter
ColorSelectStudio
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Networking Guide
Dell Solution Center
Dell Support 3.1
Dell Support Center (Support Software)
DellSupport
ESSSONIC
Eye Candy 4000
Flash Saving Plugin
Flash Text Fader 1.0
FoneSync
Free Convert MPEG WMV to MP4 FLV AVI Converter 5.8
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
Help and Support Customization
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HTML Slideshow Powertoy for Windows XP
iGive Toolbar
Indeo® Software
Intel(R) 537EP V9x DF PCI Modem
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet
Internet Explorer Default Page
iPod for Windows 2006-06-28
iTunes
J2SE Runtime Environment 5.0 Update 2
J2SE Runtime Environment 5.0 Update 4
J2SE Runtime Environment 5.0 Update 6
Java 2 Runtime Environment, SE v1.4.2_03
Java 2 Runtime Environment, SE v1.4.2_05
Java 2 Runtime Environment, SE v1.4.2_06
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 21
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
K-Lite Codec Pack 4.0.0 (Full)
kgcbase
Listen Rhapsody
Macromedia Dreamweaver 4
Macromedia Flash 5
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft FrontPage 2000
Microsoft Image Composer 1.5
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft Office Converter Pack
Microsoft Office Outlook 2003 with Business Contact Manager Update
Microsoft Office PowerPoint 2003 Template Creation Wizard
Microsoft Office PowerPoint 2003 Template Pack 1
Microsoft Office PowerPoint 2003 Template Pack 2
Microsoft Office PowerPoint 2003 Template Pack 3
Microsoft Office PowerPoint Viewer 2003
Microsoft Office Professional Edition 2003
Microsoft Producer for Microsoft Office PowerPoint 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works 2001 Setup Launcher
Microsoft Works 6-9 Converter
Microsoft Works 6.0
Microsoft Works Suite Add-in for Microsoft Word
Modem Event Monitor
Modem Helper
Modem On Hold
Mozilla Firefox (3.5.7)
MSN Money Investment Toolbox
MSN Music Assistant
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB954459)
NeoTrace Express 3.25
Nvu 1.0
OGA Notifier 2.0.0048.0
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00
Paint Shop Pro 5.01
Paint Shop Pro 7 ESD
PaperPort
PDF reDirect (remove only)
Photo Story 3 for Windows
Picasa 3
QuickTime
RealPlayer
RealUpgrade 1.0
Search Settings 1.2
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Smart Defrag
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
SonicStage 4.3
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
STOPzilla
SureThing CD Labeler - Stomper Edition 32 bit
SWF Opener
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WeatherBug
WebCyberCoach 3.2 Dell
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Internet Explorer 8
Windows Live installer
Windows Media Format 11 runtime
Windows Media Player 10
Windows Presentation Foundation
Windows XP Service Pack 3
WinZip
WordPerfect Office 12
Works Suite OS Pack
Works Synchronization
WorksDatabaseConverter
XML Paper Specification Shared Components Pack 1.0
Yahoo! Toolbar
Zoombinis Logical Journey(TM)

==== Event Viewer Messages From Past Week ========

11/21/2010 9:38:38 AM, error: W32Time [17] - Time Provider NtpClient: An

error occurred during DNS lookup of the manually configured peer 'time-

b.nist.gov,0x1'. NtpClient will try the DNS lookup again in 30 minutes.

The error was: A socket operation was attempted to an unreachable host.

(0x80072751)
11/21/2010 9:23:38 AM, error: W32Time [17] - Time Provider NtpClient: An

error occurred during DNS lookup of the manually configured peer 'time-

b.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15 minutes.

The error was: A socket operation was attempted to an unreachable host.

(0x80072751)
11/21/2010 7:46:29 AM, error: Print [19] - Sharing printer failed + 1722,

Printer Microsoft XPS Document Writer share name Printer4.
11/21/2010 11:08:38 AM, error: W32Time [17] - Time Provider NtpClient: An

error occurred during DNS lookup of the manually configured peer 'time-

b.nist.gov,0x1'. NtpClient will try the DNS lookup again in 120 minutes.

The error was: A socket operation was attempted to an unreachable host.

(0x80072751)
11/21/2010 10:08:38 AM, error: W32Time [17] - Time Provider NtpClient: An

error occurred during DNS lookup of the manually configured peer 'time-

b.nist.gov,0x1'. NtpClient will try the DNS lookup again in 60 minutes.

The error was: A socket operation was attempted to an unreachable host.

(0x80072751)
11/19/2010 7:03:06 PM, error: Print [6161] - The document Untitled -

Notepad owned by Dot failed to print on printer Brother MFC-5440CN Printer

(Copy 1). Data type: NT EMF 1.008. Size of the spool file in bytes: 0.

Number of bytes printed: 0. Total number of pages in the document: 0.

Number of pages printed: 0. Client machine: \\DOTS. Win32 error code

returned by the print processor: 259 (0x103).
11/19/2010 7:01:23 PM, error: Print [6161] - The document Microsoft Word -

Declaration for JusticeDOT'S PROOF _2_.docx owned by Dot failed to print on

printer Brother MFC-5440CN Printer (Copy 1). Data type: NT EMF 1.008. Size

of the spool file in bytes: 33196. Number of bytes printed: 33032. Total

number of pages in the document: 1. Number of pages printed: 0. Client

machine: \\DOTS. Win32 error code returned by the print processor: 0

(0x0).
11/19/2010 6:59:48 PM, error: Print [6161] - The document Microsoft Word -

Declaration for JusticeDOT'S PROOF _2_.docx owned by Dot failed to print on

printer Brother MFC-5440CN Printer (Copy 1). Data type: NT EMF 1.008. Size

of the spool file in bytes: 131072. Number of bytes printed: 33032. Total

number of pages in the document: 1. Number of pages printed: 0. Client

machine: \\DOTS. Win32 error code returned by the print processor: 0

(0x0).
11/19/2010 6:56:26 PM, error: Print [6161] - The document Microsoft Word -

Declaration for JusticeDOT'S PROOF _2_.docx owned by Dot failed to print on

printer Brother MFC-5440CN Printer (Copy 1). Data type: NT EMF 1.008. Size

of the spool file in bytes: 131072. Number of bytes printed: 97696. Total

number of pages in the document: 3. Number of pages printed: 0. Client

machine: \\DOTS. Win32 error code returned by the print processor: 0

(0x0).
11/19/2010 5:47:10 PM, error: Dhcp [1002] - The IP address lease

192.168.2.104 for the Network Card with network address 00111128453F has

been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK

message).
11/18/2010 8:24:35 AM, error: Print [6161] - The document

http://demo.olivesoftware.com/APD271003 ... SkinFolder owned by

Dot failed to print on printer Brother MFC-5440CN Printer (Copy 1). Data

type: NT EMF 1.008. Size of the spool file in bytes: 2097152. Number of

bytes printed: 0. Total number of pages in the document: 2. Number of pages

printed: 0. Client machine: \\DOTS. Win32 error code returned by the print

processor: 122 (0x7a).
11/14/2010 9:39:40 PM, error: DCOM [10005] - DCOM got error "%1084"

attempting to start the service EventSystem with arguments "" in order to

run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/14/2010 9:31:49 PM, error: DCOM [10005] - DCOM got error "%1084"

attempting to start the service netman with arguments "" in order to run

the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
11/14/2010 8:09:59 AM, error: Dhcp [1002] - The IP address lease

192.168.2.103 for the Network Card with network address 00111128453F has

been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK

message).

==== End Of File ===========================
Dorothy
Regular Member
 
Posts: 49
Joined: November 16th, 2010, 8:36 pm

Re: Help wanted!

Unread postby melboy » November 21st, 2010, 5:18 pm

Hi Dorothy

Do you have the GMER log? Can you also turn off word wrap - It makes the logs hard to read. Thanks.


Turn Off WordWrap

  • Click Start > All Programs > Accessories > Notepad
  • On the menu bar in Notepad select Format
  • Click on WordWrap so it appears UNchecked
  • Close notepad
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

GMER.TXT

Unread postby Dorothy » November 22nd, 2010, 12:42 am

SORRY ABOUT THE WORD WRAP---THOUGHT I HAD SHUT IT OFF, DARN.
WANT ME TO DO SO AND RE-SEND THE OTHERS?
THANK YOU SOOOO MUCH!---dorothy

GMER COMING IN A MINUTE
Dorothy
Regular Member
 
Posts: 49
Joined: November 16th, 2010, 8:36 pm

GMER.TXT HERE

Unread postby Dorothy » November 22nd, 2010, 12:45 am

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-11-21 21:31:28
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e WDC_WD1600JD-75HBB0 rev.08.02D08
Running: d7gnb2f4.exe; Driver: C:\DOCUME~1\Dot\LOCALS~1\Temp\pxtdapoc.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xB9DD96C0]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xB9DD9770]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xB9DD9810]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xB9DD98B0]

---- Kernel code sections - GMER 1.0.15 ----

init C:\WINDOWS\System32\DRIVERS\mohfilt.sys entry point in "init" section [0xF777A760]
? C:\DOCUME~1\Dot\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)

AttachedDevice szkgfs.sys (STOPzilla Kernel Guard File System, x86-32 /iS3, Inc.)

Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)

AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- EOF - GMER 1.0.15 ----
Dorothy
Regular Member
 
Posts: 49
Joined: November 16th, 2010, 8:36 pm

Re: Help wanted!

Unread postby melboy » November 22nd, 2010, 1:24 pm

Hi

OTL

Download OTL by Old Timer and save it to your Desktop.

  • Double click on OTL.exe to run it.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Help wanted!

Unread postby melboy » November 22nd, 2010, 1:43 pm

Hi Dorothy

If you have trouble downloading OTL, try this mirror instead.
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

OTL.TXT (first half--too many characters per one message)

Unread postby Dorothy » November 22nd, 2010, 1:52 pm

OTL logfile created on: 11/22/2010 10:44:34 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Dot\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 43.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.48 Gb Total Space | 106.35 Gb Free Space | 73.10% Space Free | Partition Type: NTFS

Computer Name: DOTS | User Name: Dot | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/22 10:29:06 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dot\My Documents\Downloads\OTL.exe
PRC - [2010/10/23 18:07:50 | 000,177,616 | R--- | M] (iS3, Inc.) -- C:\Program Files\STOPzilla!\STOPzilla.exe
PRC - [2010/10/23 18:07:46 | 000,062,928 | R--- | M] (iS3, Inc.) -- C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
PRC - [2010/10/19 06:18:40 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Dot\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010/10/11 11:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/10/11 11:58:12 | 000,725,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/10/06 16:24:38 | 000,652,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/10/06 16:24:36 | 001,065,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2010/10/06 16:24:08 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/10/06 16:24:08 | 000,647,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/09/28 21:33:02 | 002,407,632 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2010/09/15 04:29:10 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2010/09/10 00:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/09/07 02:50:22 | 001,047,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/07/09 18:08:04 | 002,712,920 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
PRC - [2009/09/15 16:30:06 | 000,574,760 | ---- | M] () -- C:\Program Files\iGive_Toolbar\igvtt.exe
PRC - [2009/09/15 16:30:06 | 000,095,528 | ---- | M] () -- C:\Program Files\iGive_Toolbar\igvtp.exe
PRC - [2009/05/21 09:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/03/05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/05/29 18:09:17 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/04 14:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2005/06/07 12:58:40 | 001,339,392 | ---- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files\AWS\WeatherBug\Weather.exe
PRC - [2004/04/14 14:46:50 | 000,057,393 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2001/12/12 17:01:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\SYSTEM32\brss01a.exe


========== Modules (SafeList) ==========

MOD - [2010/11/22 10:29:06 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dot\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/10/23 18:07:46 | 000,062,928 | R--- | M] (iS3, Inc.) [Auto | Running] -- C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe -- (szserver)
SRV - [2010/10/11 11:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/09/10 00:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007/10/25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007/03/07 14:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/02/05 10:11:18 | 000,075,320 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2007/02/05 10:11:16 | 000,112,184 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service)
SRV - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/12/14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/03/19 15:42:14 | 000,132,608 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\RSVP.EXE -- (RSVP)
SRV - [2003/03/03 11:33:40 | 000,143,360 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
SRV - [2002/04/11 17:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Stopped] -- C:\WINDOWS\SYSTEM32\brsvc01a.exe -- (Brother XP spl Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\f3a2be184315b053.dat -- (f3a2be184315b053)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\385ecfecf477f8e7.dat -- (385ecfecf477f8e7)
DRV - [2010/09/13 15:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 02:49:00 | 000,298,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/07 02:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 02:48:54 | 000,249,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgldx86.sys -- (Avgldx86)
DRV - [2010/09/07 02:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 20:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/08/19 20:42:36 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 20:42:34 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/05/12 17:01:06 | 000,059,280 | R--- | M] (iS3, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\szkgfs.sys -- (szkgfs)
DRV - [2009/12/07 16:59:32 | 000,061,328 | R--- | M] (iS3 Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\szkg.sys -- (szkg5)
DRV - [2009/12/07 16:59:32 | 000,061,328 | R--- | M] (iS3 Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\is3srv.sys -- (is3srv)
DRV - [2008/04/13 11:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 11:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/11/09 11:45:01 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2004/12/01 02:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 01:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm)
DRV - [2004/11/16 00:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/11/16 00:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/11/16 00:05:00 | 000,086,554 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/11/16 00:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/11/16 00:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/11/16 00:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/11/16 00:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/11/16 00:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/11/16 00:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/07/14 10:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 10:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln)
DRV - [2004/06/09 08:29:56 | 000,006,977 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DDMI2.sys -- (SDDMI2)
DRV - [2004/03/05 20:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 20:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 20:13:52 | 000,060,949 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004/03/05 20:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2003/08/28 16:58:40 | 000,004,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2002/11/08 11:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2001/08/17 12:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 12:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 12:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 12:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 12:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 11:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 11:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 11:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 11:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 11:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 11:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 11:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 11:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 11:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 11:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/webhp?hl=en&tab=nw
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search Powered by Google"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2384137&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ed44922c-01f3-56a8-cda1-afadb1e91cde}:4.6.6.6
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1151
FF - prefs.js..extensions.enabledItems: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}:2.6.4
FF - prefs.js..extensions.enabledItems: {cae9e4ee-e63b-4c68-8abf-672f47016882}:9.0.0
FF - prefs.js..keyword.URL: "http://bing.zugotoolbar.com/s/?iesrc=IE-Address&site=Bing&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010/11/03 05:47:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/04 12:12:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/10 19:58:47 | 000,000,000 | ---D | M]

[2009/04/30 07:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Mozilla\Extensions
[2010/11/21 21:41:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Mozilla\Firefox\Profiles\9e1n9hmj.default\extensions
[2009/10/30 13:34:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dot\Application Data\Mozilla\Firefox\Profiles\9e1n9hmj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/20 19:43:19 | 000,000,000 | ---D | M] (IObitCom Toolbar) -- C:\Documents and Settings\Dot\Application Data\Mozilla\Firefox\Profiles\9e1n9hmj.default\extensions\{31c7d459-9cc3-44f2-9dca-fc11795309b4}
[2010/10/30 09:19:59 | 000,000,000 | ---D | M] (Redirect Remover) -- C:\Documents and Settings\Dot\Application Data\Mozilla\Firefox\Profiles\9e1n9hmj.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
[2009/07/27 10:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Mozilla\Firefox\Profiles\9e1n9hmj.default\extensions\en-US@dictionaries.addons.mozilla(2).org
[2010/04/30 20:31:12 | 000,001,836 | ---- | M] () -- C:\Documents and Settings\Dot\Application Data\Mozilla\Firefox\Profiles\9e1n9hmj.default\searchplugins\bing-ff.xml
[2009/12/19 22:34:36 | 000,000,907 | ---- | M] () -- C:\Documents and Settings\Dot\Application Data\Mozilla\Firefox\Profiles\9e1n9hmj.default\searchplugins\conduit.xml
[2010/11/21 21:41:37 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/10 06:39:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/07/16 09:52:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/04/30 20:30:32 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{ed44922c-01f3-56a8-cda1-afadb1e91cde}
[2008/06/17 23:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/06/22 03:36:30 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2004/03/19 15:37:50 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (no name) - {b6a73a11-0161-bbd1-427e-0c61e7e66e17} - No CLSID value found.
O2 - BHO: (STOPzilla Browser Helper Object) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll (iS3, Inc.)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (iGive Toolbar) - {FA73AE1B-4BA9-4E8B-832B-54A287FF1B7F} - C:\Program Files\iGive_Toolbar\igvtb.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [igvtm] C:\Program Files\iGive_Toolbar\igvtt.exe ()
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
O4 - HKCU..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: &NeoTrace It! - C:\Program Files\NeoTrace Express\NTXcontext.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: iGive Toolbar - C:\Documents and Settings\Dot\Application Data\iGive_Toolbar\igvtt\igvtC5.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} http://download.microsoft.com/download/ ... arth3D.cab (Reg Error: Value error.)
O16 - DPF: {11A02365-2859-4598-A9D5-4FDE99D67723} http://www.pqprintcenter.com/plugin/axv ... ck1611.cab (Reg Error: Value error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} http://makeover.ivillage.co.uk/save/makeover.cab (Reg Error: Value error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Value error.)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.google.com/s/v/56.25/uploader2.cab (Reg Error: Value error.)
O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} http://moneycentral.msn.com/cabs/pmupd806.exe (MSN Money Charting)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdat ... /opuc3.cab (Office Update Installation Engine)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmart.com/WalmartActivia.cab (Reg Error: Value error.)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.google.com/s/v/54.16/uploader2.cab (Reg Error: Value error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/v ... .2.5.7.cab (Reg Error: Value error.)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} http://ipgweb.cce.hp.com/rdqna/downloads/sysinfo.cab (Reg Error: Value error.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/share ... insctl.cab (Reg Error: Value error.)
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} http://www.slide.com/uploader/SlideImageUploader.cab (Reg Error: Value error.)
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} http://sidestep.com/get/k00719/sb02a.cab (Reg Error: Value error.)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/common/groove/gx/GrooveAX27.cab (Reg Error: Value error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Reg Error: Value error.)
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} http://ipgweb.cce.hp.com/rdqna/downloads/msxml4.cab (XML DOM Document 4.0)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} http://a19.g.akamai.net/7/19/7125/4056/ ... oupons.cab (Reg Error: Value error.)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.com/controls/cpcScanner.cab (Reg Error: Value error.)
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} http://merillat.view22.com/view22/roomapp/View22RTE.cab (Reg Error: Value error.)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcafee.com/molbin/share ... cgdmgr.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.66.237 213.109.72.202 1.1.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\TPSvc: DllName - TPSvc.dll - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Dot\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dot\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/05/16 06:36:02 | 000,000,025 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{de5eddea-181e-11db-b5e4-00111128453f}\Shell - "" = AutoRun
O33 - MountPoints2\{de5eddea-181e-11db-b5e4-00111128453f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{de5eddea-181e-11db-b5e4-00111128453f}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: brssINFO - (C:\WINDOWS\system32\dplastat.dll) - C:\WINDOWS\System32\dplastat.dll File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/11/16 18:01:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dot\HijackThis logs
[2010/11/14 15:26:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dot\Recent
[2010/11/10 08:41:13 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/10 08:41:11 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/09 19:50:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dot\My Documents\ranchWife
[2010/11/06 09:06:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dot\My Documents\epohelp_files
[2010/11/03 06:14:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dot\Application Data\PCDr
[2010/10/25 15:58:50 | 000,000,000 | ---D | C] -- C:\Program Files\STOPzilla!
[2010/10/25 15:58:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\iS3
[2010/10/25 15:58:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2010/10/23 18:07:40 | 000,132,560 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3HTUI5.dll
[2010/10/23 18:07:40 | 000,022,992 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\SZIO5.dll
[2010/10/23 18:07:38 | 000,546,256 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\SZComp5.dll
[2010/10/23 18:07:38 | 000,452,048 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\SZBase5.dll
[2010/10/23 18:07:38 | 000,398,800 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3DBA5.dll
[2010/10/23 18:07:38 | 000,028,624 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3XDat5.dll
[2010/10/23 18:07:36 | 000,099,792 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Svc5.dll
[2010/10/23 18:07:36 | 000,099,792 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Inet5.dll
[2010/10/23 18:07:36 | 000,067,024 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Hks5.dll
[2010/10/23 18:07:34 | 000,738,768 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Base5.dll
[2010/10/23 18:07:34 | 000,390,608 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3UI5.dll
[2010/10/23 18:07:34 | 000,230,864 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Win325.dll
[2004/09/07 18:59:59 | 016,706,160 | ---- | C] (Netopsystems AG) -- C:\Program Files\AdbeRdr60_enu_full.exe

========== Files - Modified Within 30 Days ==========

[2010/11/22 10:23:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-76020992-1609971859-2370090961-1007UA.job
[2010/11/22 09:58:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/22 09:00:00 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2010/11/22 07:23:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-76020992-1609971859-2370090961-1007Core.job
[2010/11/22 03:38:06 | 000,002,256 | ---- | M] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2010/11/22 03:18:10 | 099,807,193 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/11/21 22:00:00 | 000,000,380 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/11/21 17:58:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/21 17:40:23 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/11/21 13:59:03 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Dot\Desktop\d7gnb2f4.exe
[2010/11/21 13:47:35 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Dot\Desktop\p15ipksk.exe
[2010/11/21 13:14:34 | 000,630,272 | ---- | M] () -- C:\Documents and Settings\Dot\Desktop\dds.scr
[2010/11/21 07:48:13 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2010/11/21 07:48:08 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-76020992-1609971859-2370090961-1007.job
[2010/11/21 07:48:07 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job
[2010/11/21 07:46:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2010/11/20 17:20:52 | 000,006,188 | -H-- | M] () -- C:\Documents and Settings\Dot\My Documents\Picasa.ini
[2010/11/20 16:15:27 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\prvlcl.dat
[2010/11/19 19:02:37 | 000,000,026 | ---- | M] () -- C:\WINDOWS\Brmfcmon.ini
[2010/11/19 19:02:37 | 000,000,000 | ---- | M] () -- C:\WINDOWS\¼
[2010/11/17 15:44:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/16 18:31:06 | 000,000,715 | ---- | M] () -- C:\Documents and Settings\Dot\Desktop\Shortcut to Downloads.lnk
[2010/11/16 17:39:51 | 000,046,080 | ---- | M] () -- C:\Documents and Settings\Dot\My Documents\project7_06.xls
[2010/11/15 08:29:35 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Smart Defrag.lnk
[2010/11/14 20:40:59 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\Dot\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010/11/14 20:40:59 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare.lnk
[2010/11/14 20:40:59 | 000,000,151 | ---- | M] () -- C:\Documents and Settings\Dot\Desktop\IObit Freeware.url
[2010/11/14 15:20:00 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2010/11/14 15:01:56 | 000,000,989 | ---- | M] () -- C:\WINDOWS\System32\MAPISVC.INF
[2010/11/13 07:57:00 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-76020992-1609971859-2370090961-1007.job
[2010/11/11 06:57:42 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Dot\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/11/10 19:58:48 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/11/10 08:41:15 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/08 19:55:30 | 000,486,360 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2010/11/08 19:55:29 | 000,089,412 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2010/11/08 10:02:17 | 000,002,442 | ---- | M] () -- C:\WINDOWS\winzip32.ini
[2010/11/06 09:06:55 | 000,118,415 | ---- | M] () -- C:\Documents and Settings\Dot\My Documents\epohelp.htm
[2010/11/05 18:21:49 | 000,015,796 | ---- | M] () -- C:\Documents and Settings\Dot\My Documents\STOPzilla Black List Contents.htm
[2010/11/04 18:01:50 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk
[2010/11/04 13:24:12 | 000,002,268 | ---- | M] () -- C:\Documents and Settings\Dot\Desktop\Google Chrome.lnk
[2010/11/04 13:24:12 | 000,002,246 | ---- | M] () -- C:\Documents and Settings\Dot\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/11/03 05:58:35 | 000,015,872 | ---- | M] () -- C:\Documents and Settings\Dot\My Documents\litterbox.xls
[2010/11/03 05:47:39 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/11/02 18:04:28 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\Dot\Desktop\Shortcut to firefox.exe.lnk
[2010/10/28 20:52:19 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Dot\My Documents\andy_Bday_note-from-al.doc
[2010/10/28 07:02:39 | 000,147,968 | ---- | M] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/23 18:07:40 | 000,132,560 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3HTUI5.dll
[2010/10/23 18:07:40 | 000,022,992 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\SZIO5.dll
[2010/10/23 18:07:38 | 000,546,256 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\SZComp5.dll
[2010/10/23 18:07:38 | 000,452,048 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\SZBase5.dll
[2010/10/23 18:07:38 | 000,398,800 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3DBA5.dll
[2010/10/23 18:07:38 | 000,028,624 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3XDat5.dll
[2010/10/23 18:07:36 | 000,099,792 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Svc5.dll
[2010/10/23 18:07:36 | 000,099,792 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Inet5.dll
[2010/10/23 18:07:36 | 000,067,024 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Hks5.dll
[2010/10/23 18:07:34 | 000,738,768 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Base5.dll
[2010/10/23 18:07:34 | 000,390,608 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3UI5.dll
[2010/10/23 18:07:34 | 000,230,864 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Win325.dll

========== Files Created - No Company Name ==========

[2010/11/22 03:38:05 | 000,002,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2010/11/21 13:59:01 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Dot\Desktop\d7gnb2f4.exe
[2010/11/21 13:47:34 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Dot\Desktop\p15ipksk.exe
[2010/11/21 13:14:19 | 000,630,272 | ---- | C] () -- C:\Documents and Settings\Dot\Desktop\dds.scr
[2010/11/19 19:02:37 | 000,000,026 | ---- | C] () -- C:\WINDOWS\Brmfcmon.ini
[2010/11/19 19:02:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\¼
[2010/11/16 18:31:06 | 000,000,715 | ---- | C] () -- C:\Documents and Settings\Dot\Desktop\Shortcut to Downloads.lnk
[2010/11/14 20:40:59 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\Dot\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010/11/14 20:40:59 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare.lnk
[2010/11/14 15:20:00 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2010/11/10 19:58:47 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/11/10 08:41:15 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/06 09:06:45 | 000,118,415 | ---- | C] () -- C:\Documents and Settings\Dot\My Documents\epohelp.htm
[2010/11/05 17:51:13 | 000,015,796 | ---- | C] () -- C:\Documents and Settings\Dot\My Documents\STOPzilla Black List Contents.htm
[2010/11/04 18:01:50 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk
[2010/11/02 18:04:28 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\Dot\Desktop\Shortcut to firefox.exe.lnk
[2010/10/28 20:52:19 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Dot\My Documents\andy_Bday_note-from-al.doc
[2010/10/11 20:05:23 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\fusioncache.dat
[2010/08/12 14:58:40 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\prvlcl.dat
[2010/07/13 21:55:49 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/06/02 06:51:57 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\Dot\Application Data\qcopjv.dat
[2010/03/13 10:38:04 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/03/13 10:37:55 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/03/13 10:37:55 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/03/13 10:37:54 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010/03/13 10:37:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/01/09 09:50:00 | 002,128,896 | ---- | C] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\cooliris-win-ie-release-1.11.7.31969.en-US.msi
[2009/12/14 23:30:45 | 002,130,944 | ---- | C] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\cooliris-win-ie-release-1.11.6.31225.en-US.msi
[2009/10/14 13:17:41 | 002,124,288 | ---- | C] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\cooliris-win-ie-release-1.11.5.29501.en-US.msi
[2009/10/05 18:49:06 | 000,000,013 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\1ÌØ13.sys
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/12/17 10:15:54 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\kodakpcd.ini
[2008/04/03 10:16:55 | 000,001,588 | ---- | C] () -- C:\WINDOWS\debugrcfile.ini
[2008/03/26 06:41:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2008/02/11 14:50:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/02/20 20:59:37 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2006/11/08 20:26:19 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/10/27 22:17:29 | 000,023,295 | ---- | C] () -- C:\Documents and Settings\Dot\Application Data\Comma Separated Values (Windows).ADR
[2006/10/27 22:16:25 | 000,038,458 | ---- | C] () -- C:\Documents and Settings\Dot\Application Data\Comma Separated Values (DOS).ADR
[2006/07/30 16:44:03 | 000,000,219 | ---- | C] () -- C:\WINDOWS\WS_FTP.INI
[2006/05/29 05:15:53 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2006/03/01 19:51:47 | 000,002,442 | ---- | C] () -- C:\WINDOWS\winzip32.ini
[2006/02/10 09:19:32 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/12/01 22:14:55 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\PDFreDirectMonNT.dll
[2005/11/24 11:04:01 | 000,000,054 | ---- | C] () -- C:\WINDOWS\KA.INI
[2005/11/13 20:22:41 | 000,000,315 | ---- | C] () -- C:\WINDOWS\3DHOME.INI
[2005/07/08 11:03:23 | 000,000,069 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2005/07/08 10:20:33 | 000,000,030 | ---- | C] () -- C:\WINDOWS\POTATO.INI
[2005/07/08 08:04:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2005/04/24 21:51:42 | 000,000,084 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2005/04/24 21:51:41 | 000,000,055 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2005/04/24 18:40:50 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2005/04/24 18:39:32 | 000,001,549 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2005/04/24 18:39:32 | 000,000,551 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2005/04/24 18:39:32 | 000,000,152 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2005/04/24 18:39:32 | 000,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2005/04/24 18:39:09 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2005/04/24 18:29:22 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2005/03/09 10:07:51 | 000,004,271 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2005/02/25 10:08:05 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/02/16 13:25:59 | 000,000,848 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/01/01 16:44:07 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2004/12/04 21:14:45 | 000,000,053 | ---- | C] () -- C:\WINDOWS\zbj22.ini
[2004/11/26 14:45:07 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2004/11/26 14:45:07 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2004/11/26 14:45:07 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2004/11/26 14:42:47 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2004/11/26 14:37:13 | 000,000,962 | ---- | C] () -- C:\WINDOWS\disney.ini
[2004/11/26 14:37:05 | 000,000,201 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2004/11/24 17:31:00 | 000,001,084 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2004/11/24 12:47:34 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\DXFLib.dll
[2004/09/22 07:49:04 | 000,000,632 | ---- | C] () -- C:\WINDOWS\Chatrm.INI
[2004/09/22 07:48:46 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\DRAGHOOK.dll
[2004/09/22 07:48:44 | 000,000,362 | ---- | C] () -- C:\WINDOWS\cribbage.ini
[2004/09/22 07:48:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\spades.ini
[2004/09/22 07:48:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pinochle.ini
[2004/09/22 07:48:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hearts.ini
[2004/09/22 07:48:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\gin.ini
[2004/09/22 07:48:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\gammon.ini
[2004/09/22 07:48:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\euchre.ini
[2004/09/07 18:59:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dot\Application Data\dm.ini
[2004/09/03 19:09:15 | 000,004,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2004/09/01 15:39:47 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Dot\Application Data\PFP120JPR.{PB
[2004/09/01 15:39:47 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Dot\Application Data\PFP120JCM.{PB
[2004/09/01 11:27:59 | 000,000,163 | ---- | C] () -- C:\WINDOWS\entpack.ini
[2004/09/01 06:44:27 | 000,147,968 | ---- | C] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/08/28 08:55:03 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/28 08:48:16 | 000,000,839 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/08/28 08:36:49 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/08/28 08:26:04 | 000,000,549 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/03/26 15:59:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/03/20 11:21:34 | 000,000,791 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/03/20 10:58:20 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/03/19 15:37:28 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/03/04 10:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[2001/09/19 11:41:46 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\opcode.dll
[1996/12/03 23:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1996/12/03 23:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[1979/12/31 22:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2010/01/21 13:42:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AGI
[2008/06/07 06:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Atrise
[2010/11/16 19:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/09/29 08:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/09/29 09:46:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/10/05 16:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2010/09/29 07:40:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2006/08/13 19:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2006/02/10 09:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2006/05/11 07:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\River Past G4
[2005/04/24 18:28:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/11/22 10:20:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2008/02/01 22:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/04/30 20:29:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Toolbar4
[2007/01/23 09:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/04/14 16:37:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/25 13:51:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/02/08 15:55:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2008/08/17 13:21:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Acreon
[2010/03/15 21:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\ActiveState
[2005/12/17 15:57:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Allume Systems
[2010/08/10 19:20:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\AnvSoft
[2010/08/10 17:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Any Video Converter
[2010/10/11 21:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\AVG
[2010/09/29 09:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\AVG10
[2010/11/22 03:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\iGive_Toolbar
[2010/01/18 19:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\IObit
[2005/01/09 17:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Jasc
[2008/03/10 22:25:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\KompoZer
[2005/01/05 14:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Leadertech
[2009/01/15 20:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\MPEG Streamclip
[2007/05/31 14:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Nvu
[2010/11/03 06:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\PCDr
[2006/03/11 20:19:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\PDF reDirect
[2006/05/11 06:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\River Past G4
[2006/05/11 06:30:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\RiverPast G4
[2005/04/25 07:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\ScanSoft
[2010/03/25 12:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\scriptocean
[2008/08/19 20:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Search Settings
[2008/11/07 11:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Skinux
[2009/02/12 09:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Snapfish
[2006/04/05 15:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Template
[2010/08/03 14:56:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Tific
[2010/10/05 16:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Uniblue
[2007/06/03 18:12:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Viewpoint
[2010/11/22 00:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\WeatherBug
[2010/11/21 07:48:07 | 000,000,384 | ---- | M] () -- C:\WINDOWS\Tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job
[2010/11/21 22:00:00 | 000,000,380 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job

========== Purity Check ==========



< End of report >
PRC - [2010/11/22 10:29:06 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dot\My Documents\Downloads\OTL.exe
PRC - [2010/10/23 18:07:50 | 000,177,616 | R--- | M] (iS3, Inc.) -- C:\Program Files\STOPzilla!\STOPzilla.exe
PRC - [2010/10/23 18:07:46 | 000,062,928 | R--- | M] (iS3, Inc.) -- C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
PRC - [2010/10/19 06:18:40 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Dot\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010/10/11 11:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/10/11 11:58:12 | 000,725,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/10/06 16:24:38 | 000,652,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/10/06 16:24:36 | 001,065,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2010/10/06 16:24:08 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/10/06 16:24:08 | 000,647,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/09/28 21:33:02 | 002,407,632 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2010/09/15 04:29:10 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2010/09/10 00:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/09/07 02:50:22 | 001,047,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/07/09 18:08:04 | 002,712,920 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
PRC - [2009/09/15 16:30:06 | 000,574,760 | ---- | M] () -- C:\Program Files\iGive_Toolbar\igvtt.exe
PRC - [2009/09/15 16:30:06 | 000,095,528 | ---- | M] () -- C:\Program Files\iGive_Toolbar\igvtp.exe
PRC - [2009/05/21 09:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/03/05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/05/29 18:09:17 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/04 14:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2005/06/07 12:58:40 | 001,339,392 | ---- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files\AWS\WeatherBug\Weather.exe
PRC - [2004/04/14 14:46:50 | 000,057,393 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2001/12/12 17:01:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\SYSTEM32\brss01a.exe
Dorothy
Regular Member
 
Posts: 49
Joined: November 16th, 2010, 8:36 pm

OTL.TXT (second half)

Unread postby Dorothy » November 22nd, 2010, 1:53 pm

========== Modules (SafeList) ==========

MOD - [2010/11/22 10:29:06 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dot\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/10/23 18:07:46 | 000,062,928 | R--- | M] (iS3, Inc.) [Auto | Running] -- C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe -- (szserver)
SRV - [2010/10/11 11:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/09/10 00:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007/10/25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007/03/07 14:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/02/05 10:11:18 | 000,075,320 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2007/02/05 10:11:16 | 000,112,184 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service)
SRV - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/12/14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/03/19 15:42:14 | 000,132,608 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\RSVP.EXE -- (RSVP)
SRV - [2003/03/03 11:33:40 | 000,143,360 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
SRV - [2002/04/11 17:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Stopped] -- C:\WINDOWS\SYSTEM32\brsvc01a.exe -- (Brother XP spl Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\f3a2be184315b053.dat -- (f3a2be184315b053)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\385ecfecf477f8e7.dat -- (385ecfecf477f8e7)
DRV - [2010/09/13 15:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 02:49:00 | 000,298,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/07 02:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 02:48:54 | 000,249,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgldx86.sys -- (Avgldx86)
DRV - [2010/09/07 02:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 20:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/08/19 20:42:36 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 20:42:34 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/05/12 17:01:06 | 000,059,280 | R--- | M] (iS3, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\szkgfs.sys -- (szkgfs)
DRV - [2009/12/07 16:59:32 | 000,061,328 | R--- | M] (iS3 Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\szkg.sys -- (szkg5)
DRV - [2009/12/07 16:59:32 | 000,061,328 | R--- | M] (iS3 Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\is3srv.sys -- (is3srv)
DRV - [2008/04/13 11:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 11:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/11/09 11:45:01 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2004/12/01 02:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 01:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm)
DRV - [2004/11/16 00:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/11/16 00:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/11/16 00:05:00 | 000,086,554 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/11/16 00:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/11/16 00:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/11/16 00:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/11/16 00:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/11/16 00:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/11/16 00:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/07/14 10:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 10:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln)
DRV - [2004/06/09 08:29:56 | 000,006,977 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DDMI2.sys -- (SDDMI2)
DRV - [2004/03/05 20:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 20:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 20:13:52 | 000,060,949 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004/03/05 20:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2003/08/28 16:58:40 | 000,004,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2002/11/08 11:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2001/08/17 12:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 12:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 12:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 12:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 12:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 11:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 11:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 11:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 11:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 11:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 11:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 11:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 11:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 11:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 11:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/webhp?hl=en&tab=nw
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search Powered by Google"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2384137&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ed44922c-01f3-56a8-cda1-afadb1e91cde}:4.6.6.6
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1151
FF - prefs.js..extensions.enabledItems: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}:2.6.4
FF - prefs.js..extensions.enabledItems: {cae9e4ee-e63b-4c68-8abf-672f47016882}:9.0.0
FF - prefs.js..keyword.URL: "http://bing.zugotoolbar.com/s/?iesrc=IE-Address&site=Bing&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010/11/03 05:47:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/04 12:12:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/10 19:58:47 | 000,000,000 | ---D | M]

[2009/04/30 07:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Mozilla\Extensions
[2010/11/21 21:41:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Mozilla\Firefox\Profiles\9e1n9hmj.default\extensions
[2009/10/30 13:34:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dot\Application Data\Mozilla\Firefox\Profiles\9e1n9hmj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/20 19:43:19 | 000,000,000 | ---D | M] (IObitCom Toolbar) -- C:\Documents and Settings\Dot\Application Data\Mozilla\Firefox\Profiles\9e1n9hmj.default\extensions\{31c7d459-9cc3-44f2-9dca-fc11795309b4}
[2010/10/30 09:19:59 | 000,000,000 | ---D | M] (Redirect Remover) -- C:\Documents and Settings\Dot\Application Data\Mozilla\Firefox\Profiles\9e1n9hmj.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
[2009/07/27 10:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Mozilla\Firefox\Profiles\9e1n9hmj.default\extensions\en-US@dictionaries.addons.mozilla(2).org
[2010/04/30 20:31:12 | 000,001,836 | ---- | M] () -- C:\Documents and Settings\Dot\Application Data\Mozilla\Firefox\Profiles\9e1n9hmj.default\searchplugins\bing-ff.xml
[2009/12/19 22:34:36 | 000,000,907 | ---- | M] () -- C:\Documents and Settings\Dot\Application Data\Mozilla\Firefox\Profiles\9e1n9hmj.default\searchplugins\conduit.xml
[2010/11/21 21:41:37 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/10 06:39:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/07/16 09:52:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/04/30 20:30:32 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{ed44922c-01f3-56a8-cda1-afadb1e91cde}
[2008/06/17 23:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/06/22 03:36:30 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2004/03/19 15:37:50 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (no name) - {b6a73a11-0161-bbd1-427e-0c61e7e66e17} - No CLSID value found.
O2 - BHO: (STOPzilla Browser Helper Object) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll (iS3, Inc.)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (iGive Toolbar) - {FA73AE1B-4BA9-4E8B-832B-54A287FF1B7F} - C:\Program Files\iGive_Toolbar\igvtb.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [igvtm] C:\Program Files\iGive_Toolbar\igvtt.exe ()
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
O4 - HKCU..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: &NeoTrace It! - C:\Program Files\NeoTrace Express\NTXcontext.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: iGive Toolbar - C:\Documents and Settings\Dot\Application Data\iGive_Toolbar\igvtt\igvtC5.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} http://download.microsoft.com/download/ ... arth3D.cab (Reg Error: Value error.)
O16 - DPF: {11A02365-2859-4598-A9D5-4FDE99D67723} http://www.pqprintcenter.com/plugin/axv ... ck1611.cab (Reg Error: Value error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} http://makeover.ivillage.co.uk/save/makeover.cab (Reg Error: Value error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Value error.)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.google.com/s/v/56.25/uploader2.cab (Reg Error: Value error.)
O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} http://moneycentral.msn.com/cabs/pmupd806.exe (MSN Money Charting)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdat ... /opuc3.cab (Office Update Installation Engine)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmart.com/WalmartActivia.cab (Reg Error: Value error.)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.google.com/s/v/54.16/uploader2.cab (Reg Error: Value error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/v ... .2.5.7.cab (Reg Error: Value error.)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} http://ipgweb.cce.hp.com/rdqna/downloads/sysinfo.cab (Reg Error: Value error.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/share ... insctl.cab (Reg Error: Value error.)
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} http://www.slide.com/uploader/SlideImageUploader.cab (Reg Error: Value error.)
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} http://sidestep.com/get/k00719/sb02a.cab (Reg Error: Value error.)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/common/groove/gx/GrooveAX27.cab (Reg Error: Value error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Reg Error: Value error.)
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} http://ipgweb.cce.hp.com/rdqna/downloads/msxml4.cab (XML DOM Document 4.0)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} http://a19.g.akamai.net/7/19/7125/4056/ ... oupons.cab (Reg Error: Value error.)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.com/controls/cpcScanner.cab (Reg Error: Value error.)
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} http://merillat.view22.com/view22/roomapp/View22RTE.cab (Reg Error: Value error.)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcafee.com/molbin/share ... cgdmgr.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.66.237 213.109.72.202 1.1.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\TPSvc: DllName - TPSvc.dll - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Dot\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dot\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/05/16 06:36:02 | 000,000,025 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{de5eddea-181e-11db-b5e4-00111128453f}\Shell - "" = AutoRun
O33 - MountPoints2\{de5eddea-181e-11db-b5e4-00111128453f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{de5eddea-181e-11db-b5e4-00111128453f}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: brssINFO - (C:\WINDOWS\system32\dplastat.dll) - C:\WINDOWS\System32\dplastat.dll File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/11/16 18:01:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dot\HijackThis logs
[2010/11/14 15:26:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dot\Recent
[2010/11/12 11:46:58 | 004,280,320 | ---- | C] (Google Inc.) -- C:\WINDOWS\System32\GPhotos.scr
[2010/11/10 08:41:13 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/10 08:41:11 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/09 19:50:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dot\My Documents\ranchWife
[2010/11/06 09:06:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dot\My Documents\epohelp_files
[2010/11/03 06:14:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dot\Application Data\PCDr
[2010/10/25 15:58:50 | 000,000,000 | ---D | C] -- C:\Program Files\STOPzilla!
[2010/10/25 15:58:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\iS3
[2010/10/25 15:58:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2010/10/23 18:07:40 | 000,132,560 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3HTUI5.dll
[2010/10/23 18:07:40 | 000,022,992 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\SZIO5.dll
[2010/10/23 18:07:38 | 000,546,256 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\SZComp5.dll
[2010/10/23 18:07:38 | 000,452,048 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\SZBase5.dll
[2010/10/23 18:07:38 | 000,398,800 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3DBA5.dll
[2010/10/23 18:07:38 | 000,028,624 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3XDat5.dll
[2010/10/23 18:07:36 | 000,099,792 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Svc5.dll
[2010/10/23 18:07:36 | 000,099,792 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Inet5.dll
[2010/10/23 18:07:36 | 000,067,024 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Hks5.dll
[2010/10/23 18:07:34 | 000,738,768 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Base5.dll
[2010/10/23 18:07:34 | 000,390,608 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3UI5.dll
[2010/10/23 18:07:34 | 000,230,864 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Win325.dll
[2004/09/07 18:59:59 | 016,706,160 | ---- | C] (Netopsystems AG) -- C:\Program Files\AdbeRdr60_enu_full.exe

========== Files - Modified Within 30 Days ==========

[2010/11/22 10:23:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-76020992-1609971859-2370090961-1007UA.job
[2010/11/22 09:58:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/22 09:00:00 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2010/11/22 07:23:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-76020992-1609971859-2370090961-1007Core.job
[2010/11/22 03:38:06 | 000,002,256 | ---- | M] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2010/11/22 03:18:10 | 099,807,193 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/11/21 22:00:00 | 000,000,380 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/11/21 17:58:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/21 17:40:23 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/11/21 13:59:03 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Dot\Desktop\d7gnb2f4.exe
[2010/11/21 13:47:35 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Dot\Desktop\p15ipksk.exe
[2010/11/21 13:14:34 | 000,630,272 | ---- | M] () -- C:\Documents and Settings\Dot\Desktop\dds.scr
[2010/11/21 07:48:13 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2010/11/21 07:48:08 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-76020992-1609971859-2370090961-1007.job
[2010/11/21 07:48:07 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job
[2010/11/21 07:46:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2010/11/20 17:20:52 | 000,006,188 | -H-- | M] () -- C:\Documents and Settings\Dot\My Documents\Picasa.ini
[2010/11/20 16:15:27 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\prvlcl.dat
[2010/11/19 19:02:37 | 000,000,026 | ---- | M] () -- C:\WINDOWS\Brmfcmon.ini
[2010/11/19 19:02:37 | 000,000,000 | ---- | M] () -- C:\WINDOWS\¼
[2010/11/17 15:44:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/16 18:31:06 | 000,000,715 | ---- | M] () -- C:\Documents and Settings\Dot\Desktop\Shortcut to Downloads.lnk
[2010/11/16 17:39:51 | 000,046,080 | ---- | M] () -- C:\Documents and Settings\Dot\My Documents\project7_06.xls
[2010/11/15 08:29:35 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Smart Defrag.lnk
[2010/11/14 20:40:59 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\Dot\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010/11/14 20:40:59 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare.lnk
[2010/11/14 20:40:59 | 000,000,151 | ---- | M] () -- C:\Documents and Settings\Dot\Desktop\IObit Freeware.url
[2010/11/14 15:20:00 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2010/11/14 15:01:56 | 000,000,989 | ---- | M] () -- C:\WINDOWS\System32\MAPISVC.INF
[2010/11/13 07:57:00 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-76020992-1609971859-2370090961-1007.job
[2010/11/12 11:46:58 | 004,280,320 | ---- | M] (Google Inc.) -- C:\WINDOWS\System32\GPhotos.scr
[2010/11/11 06:57:42 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Dot\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/11/10 19:58:48 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/11/10 08:41:15 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/08 19:55:30 | 000,486,360 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2010/11/08 19:55:29 | 000,089,412 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2010/11/08 10:02:17 | 000,002,442 | ---- | M] () -- C:\WINDOWS\winzip32.ini
[2010/11/06 09:06:55 | 000,118,415 | ---- | M] () -- C:\Documents and Settings\Dot\My Documents\epohelp.htm
[2010/11/05 18:21:49 | 000,015,796 | ---- | M] () -- C:\Documents and Settings\Dot\My Documents\STOPzilla Black List Contents.htm
[2010/11/04 18:01:50 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk
[2010/11/04 13:24:12 | 000,002,268 | ---- | M] () -- C:\Documents and Settings\Dot\Desktop\Google Chrome.lnk
[2010/11/04 13:24:12 | 000,002,246 | ---- | M] () -- C:\Documents and Settings\Dot\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/11/03 05:58:35 | 000,015,872 | ---- | M] () -- C:\Documents and Settings\Dot\My Documents\litterbox.xls
[2010/11/03 05:47:39 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/11/02 18:04:28 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\Dot\Desktop\Shortcut to firefox.exe.lnk
[2010/10/28 20:52:19 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Dot\My Documents\andy_Bday_note-from-al.doc
[2010/10/28 07:02:39 | 000,147,968 | ---- | M] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/23 18:07:40 | 000,132,560 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3HTUI5.dll
[2010/10/23 18:07:40 | 000,022,992 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\SZIO5.dll
[2010/10/23 18:07:38 | 000,546,256 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\SZComp5.dll
[2010/10/23 18:07:38 | 000,452,048 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\SZBase5.dll
[2010/10/23 18:07:38 | 000,398,800 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3DBA5.dll
[2010/10/23 18:07:38 | 000,028,624 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3XDat5.dll
[2010/10/23 18:07:36 | 000,099,792 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Svc5.dll
[2010/10/23 18:07:36 | 000,099,792 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Inet5.dll
[2010/10/23 18:07:36 | 000,067,024 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Hks5.dll
[2010/10/23 18:07:34 | 000,738,768 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Base5.dll
[2010/10/23 18:07:34 | 000,390,608 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3UI5.dll
[2010/10/23 18:07:34 | 000,230,864 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Win325.dll

========== Files Created - No Company Name ==========

[2010/11/22 03:38:05 | 000,002,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2010/11/21 13:59:01 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Dot\Desktop\d7gnb2f4.exe
[2010/11/21 13:47:34 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Dot\Desktop\p15ipksk.exe
[2010/11/21 13:14:19 | 000,630,272 | ---- | C] () -- C:\Documents and Settings\Dot\Desktop\dds.scr
[2010/11/19 19:02:37 | 000,000,026 | ---- | C] () -- C:\WINDOWS\Brmfcmon.ini
[2010/11/19 19:02:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\¼
[2010/11/16 18:31:06 | 000,000,715 | ---- | C] () -- C:\Documents and Settings\Dot\Desktop\Shortcut to Downloads.lnk
[2010/11/14 20:40:59 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\Dot\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010/11/14 20:40:59 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare.lnk
[2010/11/14 15:20:00 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2010/11/10 19:58:47 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/11/10 08:41:15 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/06 09:06:45 | 000,118,415 | ---- | C] () -- C:\Documents and Settings\Dot\My Documents\epohelp.htm
[2010/11/05 17:51:13 | 000,015,796 | ---- | C] () -- C:\Documents and Settings\Dot\My Documents\STOPzilla Black List Contents.htm
[2010/11/04 18:01:50 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk
[2010/11/02 18:04:28 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\Dot\Desktop\Shortcut to firefox.exe.lnk
[2010/10/28 20:52:19 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Dot\My Documents\andy_Bday_note-from-al.doc
[2010/10/11 20:05:23 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\fusioncache.dat
[2010/08/12 14:58:40 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\prvlcl.dat
[2010/07/13 21:55:49 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/06/02 06:51:57 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\Dot\Application Data\qcopjv.dat
[2010/03/13 10:38:04 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/03/13 10:37:55 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/03/13 10:37:55 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/03/13 10:37:54 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010/03/13 10:37:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/01/09 09:50:00 | 002,128,896 | ---- | C] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\cooliris-win-ie-release-1.11.7.31969.en-US.msi
[2009/12/14 23:30:45 | 002,130,944 | ---- | C] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\cooliris-win-ie-release-1.11.6.31225.en-US.msi
[2009/10/14 13:17:41 | 002,124,288 | ---- | C] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\cooliris-win-ie-release-1.11.5.29501.en-US.msi
[2009/10/05 18:49:06 | 000,000,013 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\1ÌØ13.sys
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/12/17 10:15:54 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\kodakpcd.ini
[2008/04/03 10:16:55 | 000,001,588 | ---- | C] () -- C:\WINDOWS\debugrcfile.ini
[2008/03/26 06:41:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2008/02/11 14:50:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/02/20 20:59:37 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2006/11/08 20:26:19 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/10/27 22:17:29 | 000,023,295 | ---- | C] () -- C:\Documents and Settings\Dot\Application Data\Comma Separated Values (Windows).ADR
[2006/10/27 22:16:25 | 000,038,458 | ---- | C] () -- C:\Documents and Settings\Dot\Application Data\Comma Separated Values (DOS).ADR
[2006/07/30 16:44:03 | 000,000,219 | ---- | C] () -- C:\WINDOWS\WS_FTP.INI
[2006/05/29 05:15:53 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2006/03/01 19:51:47 | 000,002,442 | ---- | C] () -- C:\WINDOWS\winzip32.ini
[2006/02/10 09:19:32 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/12/01 22:14:55 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\PDFreDirectMonNT.dll
[2005/11/24 11:04:01 | 000,000,054 | ---- | C] () -- C:\WINDOWS\KA.INI
[2005/11/13 20:22:41 | 000,000,315 | ---- | C] () -- C:\WINDOWS\3DHOME.INI
[2005/07/08 11:03:23 | 000,000,069 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2005/07/08 10:20:33 | 000,000,030 | ---- | C] () -- C:\WINDOWS\POTATO.INI
[2005/07/08 08:04:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2005/04/24 21:51:42 | 000,000,084 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2005/04/24 21:51:41 | 000,000,055 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2005/04/24 18:40:50 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2005/04/24 18:39:32 | 000,001,549 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2005/04/24 18:39:32 | 000,000,551 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2005/04/24 18:39:32 | 000,000,152 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2005/04/24 18:39:32 | 000,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2005/04/24 18:39:09 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2005/04/24 18:29:22 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2005/03/09 10:07:51 | 000,004,271 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2005/02/25 10:08:05 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/02/16 13:25:59 | 000,000,848 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/01/01 16:44:07 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2004/12/04 21:14:45 | 000,000,053 | ---- | C] () -- C:\WINDOWS\zbj22.ini
[2004/11/26 14:45:07 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2004/11/26 14:45:07 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2004/11/26 14:45:07 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2004/11/26 14:42:47 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2004/11/26 14:37:13 | 000,000,962 | ---- | C] () -- C:\WINDOWS\disney.ini
[2004/11/26 14:37:05 | 000,000,201 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2004/11/24 17:31:00 | 000,001,084 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2004/11/24 12:47:34 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\DXFLib.dll
[2004/09/22 07:49:04 | 000,000,632 | ---- | C] () -- C:\WINDOWS\Chatrm.INI
[2004/09/22 07:48:46 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\DRAGHOOK.dll
[2004/09/22 07:48:44 | 000,000,362 | ---- | C] () -- C:\WINDOWS\cribbage.ini
[2004/09/22 07:48:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\spades.ini
[2004/09/22 07:48:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pinochle.ini
[2004/09/22 07:48:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hearts.ini
[2004/09/22 07:48:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\gin.ini
[2004/09/22 07:48:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\gammon.ini
[2004/09/22 07:48:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\euchre.ini
[2004/09/07 18:59:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dot\Application Data\dm.ini
[2004/09/03 19:09:15 | 000,004,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2004/09/01 15:39:47 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Dot\Application Data\PFP120JPR.{PB
[2004/09/01 15:39:47 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Dot\Application Data\PFP120JCM.{PB
[2004/09/01 11:27:59 | 000,000,163 | ---- | C] () -- C:\WINDOWS\entpack.ini
[2004/09/01 06:44:27 | 000,147,968 | ---- | C] () -- C:\Documents and Settings\Dot\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/08/28 08:55:03 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/28 08:48:16 | 000,000,839 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/08/28 08:36:49 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/08/28 08:26:04 | 000,000,549 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/03/26 15:59:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/03/20 11:21:34 | 000,000,791 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/03/20 10:58:20 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/03/19 15:37:28 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/03/04 10:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[2001/09/19 11:41:46 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\opcode.dll
[1996/12/03 23:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1996/12/03 23:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[1979/12/31 22:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2010/01/21 13:42:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AGI
[2008/06/07 06:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Atrise
[2010/11/16 19:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/09/29 08:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/09/29 09:46:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/10/05 16:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2010/09/29 07:40:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2006/08/13 19:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2006/02/10 09:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2006/05/11 07:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\River Past G4
[2005/04/24 18:28:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/11/22 10:20:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2008/02/01 22:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/04/30 20:29:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Toolbar4
[2007/01/23 09:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/04/14 16:37:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/25 13:51:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/02/08 15:55:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2008/08/17 13:21:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Acreon
[2010/03/15 21:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\ActiveState
[2005/12/17 15:57:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Allume Systems
[2010/08/10 19:20:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\AnvSoft
[2010/08/10 17:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Any Video Converter
[2010/10/11 21:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\AVG
[2010/09/29 09:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\AVG10
[2010/11/22 03:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\iGive_Toolbar
[2010/01/18 19:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\IObit
[2005/01/09 17:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Jasc
[2008/03/10 22:25:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\KompoZer
[2005/01/05 14:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Leadertech
[2009/01/15 20:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\MPEG Streamclip
[2007/05/31 14:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Nvu
[2010/11/03 06:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\PCDr
[2006/03/11 20:19:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\PDF reDirect
[2006/05/11 06:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\River Past G4
[2006/05/11 06:30:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\RiverPast G4
[2005/04/25 07:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\ScanSoft
[2010/03/25 12:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\scriptocean
[2008/08/19 20:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Search Settings
[2008/11/07 11:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Skinux
[2009/02/12 09:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Snapfish
[2006/04/05 15:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Template
[2010/08/03 14:56:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Tific
[2010/10/05 16:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Uniblue
[2007/06/03 18:12:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\Viewpoint
[2010/11/22 00:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dot\Application Data\WeatherBug
[2010/11/21 07:48:07 | 000,000,384 | ---- | M] () -- C:\WINDOWS\Tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job
[2010/11/21 22:00:00 | 000,000,380 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job

========== Purity Check ==========



< End of report >
Dorothy
Regular Member
 
Posts: 49
Joined: November 16th, 2010, 8:36 pm

EXTRA.TXT

Unread postby Dorothy » November 22nd, 2010, 1:54 pm

OTL Extras logfile created on: 11/22/2010 10:44:34 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Dot\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 43.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.48 Gb Total Space | 106.35 Gb Free Space | 73.10% Space Free | Partition Type: NTFS

Computer Name: DOTS | User Name: Dot | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.js [@ = JSFile] -- C:\Program Files\Macromedia\Dreamweaver 4\Dreamweaver.exe (Macromedia, Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
jsfile [open] -- "C:\Program Files\Macromedia\Dreamweaver 4\Dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- File not found
"C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\WS_FTP\WS_FTP95.exe" = C:\Program Files\WS_FTP\WS_FTP95.exe:*:Enabled:WS_FTP 95 -- (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA 02173)
"C:\Program Files\QuickTime\QuickTimePlayer.exe" = C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Enabled:QuickTime Player -- (Apple Inc.)
"C:\Program Files\Macromedia\Dreamweaver 4\Dreamweaver.exe" = C:\Program Files\Macromedia\Dreamweaver 4\Dreamweaver.exe:*:Enabled:Dreamweaver -- (Macromedia, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Google\Picasa3\Picasa3.exe" = C:\Program Files\Google\Picasa3\Picasa3.exe:*:Enabled:Picasa 3 -- (Google Inc.)
"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00120409-78E1-11D2-B60F-006097C998E7}" = Microsoft FrontPage 2000
"{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1" = SWF Opener
"{0323CB96-221A-4042-84A3-93EDE47099FC}" = AVG 2011
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0BA9CAC3-5131-4E59-B2AB-B765E876AAA2}" = Brother MFL-Pro Suite
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{155FBB0D-0EE9-42D1-9E41-15E08F691033}" = Microsoft Producer for Microsoft Office PowerPoint 2003
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{1A258E63-8DF5-4ADB-9832-38A0121D65EB}" = AVG 2011
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{304B576D-A16E-4983-A5E5-53E40806DFB5}" = STOPzilla
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{34A86A48-1225-419B-94B2-3A0548786ECD}" = ActiveState Komodo Edit 5.2.4
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{39B1915D-3CBA-42F8-8A58-2AB5587BF863}" = Microsoft Office PowerPoint 2003 Template Creation Wizard
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4C93C363-414E-11D4-9756-00C04F8EEB39}" = Macromedia Flash 5
"{4E475FD4-4513-4B1D-8DDA-43912B068C99}" = HTML Slideshow Powertoy for Windows XP
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{548EEA8E-8299-497F-8057-811D2D7097DC}" = Dell Support 3.1
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5F629FE8-5B4C-4863-937A-AFC2961F7DD3}" = Microsoft Works Suite Add-in for Microsoft Word
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6EECB283-E65F-40EF-86D3-D51BF02A8D43}" = Microsoft Office Converter Pack
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05
"{7148F0A8-6813-11D6-A77B-00B0D0142060}" = Java 2 Runtime Environment, SE v1.4.2_06
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90AB0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint 2003 Template Pack 1
"{90AC0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint 2003 Template Pack 2
"{90AD0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint 2003 Template Pack 3
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.3
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A52BB7E2-1D7F-40E3-ADA9-BDF1E0B3A65A}" = ColorSelectStudio
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel(R) PROSet
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABDA9912-5D00-11D4-BAE7-9367CA097955}" = Macromedia Dreamweaver 4
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BA68600E-96D9-4E92-80F2-26B9681B5A63}" = Microsoft Office Outlook 2003 with Business Contact Manager Update
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD3DCAB0-3FE5-44FB-90DA-EFB0A2CD1387}" = Works Synchronization
"{BD57EA4D-026E-4F08-9B93-080E282B81FE}" = iPod for Windows 2006-06-28
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}" = Search Settings 1.2
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7 ESD
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F8D0829C-9C6F-11D3-8080-00C04FA329AA}" = Microsoft Works 6.0
"{FAF7F1D7-C0E7-47EA-8AAA-84E4F9EA3C94}" = Works Suite OS Pack
"{FC4ED75D-916C-4A8C-BB67-3C6F6E06D62B}" = Banctec Service Agreement
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AdobeESD" = Adobe Download Manager 1.2 (Remove Only)
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Any Video Converter_is1" = Any Video Converter 3.0.7
"AnyTime Deluxe Edition 7.1" = AnyTime Deluxe Edition 7.1
"Atrise ToHTML" = Atrise ToHTML 2.1.0
"AVG" = AVG 2011
"Bink and Smacker" = Bink and Smacker
"CCleaner" = CCleaner
"CoffeeCup Flash FireStarter" = CoffeeCup Flash FireStarter
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Eye Candy 4000" = Eye Candy 4000
"Flash Saving Plugin" = Flash Saving Plugin
"Flash Text Fader" = Flash Text Fader 1.0
"FoneSync" = FoneSync
"Free Convert MPEG WMV to MP4 FLV AVI Converter_is1" = Free Convert MPEG WMV to MP4 FLV AVI Converter 5.8
"Google Updater" = Google Updater
"ie8" = Windows Internet Explorer 8
"Image Composer" = Microsoft Image Composer 1.5
"Indeo® Software" = Indeo® Software
"InstallShield_{BD57EA4D-026E-4F08-9B93-080E282B81FE}" = iPod for Windows 2006-06-28
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"Intel(R) 537EP V9x DF PCI Modem" = Intel(R) 537EP V9x DF PCI Modem
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.0.0 (Full)
"Listen Rhapsody" = Listen Rhapsody
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2006a" = MSN Money Investment Toolbox
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MSN Music Assistant" = MSN Music Assistant
"MVApplication1" = SureThing CD Labeler - Stomper Edition 32 bit
"NeoTrace Express 3.25" = NeoTrace Express 3.25
"Nvu_is1" = Nvu 1.0
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01
"Paint Shop Pro 5.01" = Paint Shop Pro 5.01
"PDF reDirect" = PDF reDirect (remove only)
"Picasa 3" = Picasa 3
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"RealPlayer 12.0" = RealPlayer
"Smart Defrag_is1" = Smart Defrag
"unigvt" = iGive Toolbar
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WeatherBug" = WeatherBug
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"Works2001Setup" = Microsoft Works 2001 Setup Launcher
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Toolbar" = Yahoo! Toolbar
"Zoombinis Logical Journey(TM)" = Zoombinis Logical Journey(TM)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"WorksDatabaseConverter" = WorksDatabaseConverter

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/15/2010 1:23:42 AM | Computer Name = DOTS | Source = MsiInstaller | ID = 11500
Description = Product: Microsoft Office Outlook 2003 with Business Contact Manager
Update -- Error 1500.Another installation is in progress. You must complete that
installation before continuing this one.

Error - 11/15/2010 10:18:38 AM | Computer Name = DOTS | Source = Microsoft Office 11 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Outlook.

Error - 11/15/2010 11:48:21 PM | Computer Name = DOTS | Source = Application Error | ID = 1000
Description = Faulting application igvtp.exe, version 0.0.0.0, faulting module urlmon.dll,
version 8.0.6001.18968, fault address 0x00029be7.

Error - 11/16/2010 6:22:52 PM | Computer Name = DOTS | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application outlook.exe, version 11.0.8325.0, stamp 4bf591af,
faulting module avgoutlookx.dll, version 10.0.0.1145, stamp 4cb251cd, debug? 0,
fault address 0x00007d13.

Error - 11/16/2010 10:17:18 PM | Computer Name = DOTS | Source = Microsoft Office 11 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Outlook.

Error - 11/17/2010 5:03:45 PM | Computer Name = DOTS | Source = Application Error | ID = 1000
Description = Faulting application dreamweaver.exe, version 4.0.1064.0, faulting
module dreamweaver.exe, version 4.0.1064.0, fault address 0x00308155.

Error - 11/17/2010 5:16:33 PM | Computer Name = DOTS | Source = Application Error | ID = 1000
Description = Faulting application dreamweaver.exe, version 4.0.1064.0, faulting
module dreamweaver.exe, version 4.0.1064.0, fault address 0x00308155.

Error - 11/17/2010 5:18:52 PM | Computer Name = DOTS | Source = Application Error | ID = 1000
Description = Faulting application dreamweaver.exe, version 4.0.1064.0, faulting
module dreamweaver.exe, version 4.0.1064.0, fault address 0x0003dee4.

Error - 11/17/2010 8:35:07 PM | Computer Name = DOTS | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.2.3951, faulting module
lvcoordinator.dll, version 0.0.0.0, fault address 0x00008073.

Error - 11/17/2010 8:35:09 PM | Computer Name = DOTS | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.3951, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x0000100b.

[ System Events ]
Error - 10/3/2010 9:27:14 PM | Computer Name = DOTS | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.

Error - 10/4/2010 6:14:10 PM | Computer Name = DOTS | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.

Error - 10/4/2010 6:15:10 PM | Computer Name = DOTS | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.

Error - 10/4/2010 6:16:10 PM | Computer Name = DOTS | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.

Error - 10/4/2010 6:21:10 PM | Computer Name = DOTS | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.

Error - 10/4/2010 6:31:10 PM | Computer Name = DOTS | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.

Error - 10/4/2010 6:32:10 PM | Computer Name = DOTS | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.

Error - 10/4/2010 6:35:10 PM | Computer Name = DOTS | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.

Error - 10/4/2010 6:43:10 PM | Computer Name = DOTS | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.

Error - 10/4/2010 6:44:10 PM | Computer Name = DOTS | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.


< End of report >
Dorothy
Regular Member
 
Posts: 49
Joined: November 16th, 2010, 8:36 pm

Re: Help wanted!

Unread postby melboy » November 22nd, 2010, 3:31 pm

Hi

Let me know how things are running after running the fix below.



OTL Script

We need to run an OTL Fix

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Image textbox. Do not include the word Code
    Code: Select all
    :otl
    IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
    FF - prefs.js..keyword.URL: "http://bing.zugotoolbar.com/s/?iesrc=IE-Address&site=Bing&q="
    O2 - BHO: (no name) - {b6a73a11-0161-bbd1-427e-0c61e7e66e17} - No CLSID value found.
    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - No CLSID value found.
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No CLSID value found.
    O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} http://a19.g.akamai.net/7/19/7125/4056/ ... oupons.cab (Reg Error: Value error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.66.237 213.109.72.202 1.1.1.1
    [2010/04/30 20:30:32 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{ed44922c-01f3-56a8-cda1-afadb1e91cde}
    
    :files
    C:\Documents and Settings\Dot\Application Data\qcopjv.dat
    ipconfig /flushdns /c
    
    :commands
    [PURITY]
    [EMPTYTEMP]
    [REBOOT]
    
  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.


=========================


If you have problems with your internet connection after running the fix:

  • Please go to Start -> Control Panel, and choose Network Connections.
  • Then right click on your default connection, usually Local Area Connection or Dial-up Connection if you are using Dial-up, and left click on properties.
  • Under the Networking tab double-click on the Internet Protocol (TCP/IP) item and select the radio button that says Obtain DNS servers automatically.
  • Click OK twice, and restart your computer.
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

I believe this is the OTL file generated after reboot

Unread postby Dorothy » November 22nd, 2010, 6:28 pm

Giving everything a test drive. Initally, one site redirected me to 5 diff pages, but now that has stopped. I'm hopeful. And , to say the least, GRATEFUL, for your help! wow---awesome. I'll see how it goes this evening and get back to you. Have a nice evening yourself. Will watch for reply if the following necessitates anything on my part now. Bye!

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.
Prefs.js: "http://bing.zugotoolbar.com/s/?iesrc=IE-Address&site=Bing&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b6a73a11-0161-bbd1-427e-0c61e7e66e17}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b6a73a11-0161-bbd1-427e-0c61e7e66e17}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{BA52B914-B692-46c4-B683-905236F6F655} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA52B914-B692-46c4-B683-905236F6F655}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}\ not found.
Starting removal of ActiveX control {9522B3FB-7A2B-4646-8AF6-36E7F593073C}
C:\WINDOWS\Downloaded Program Files\cpbrkpie.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ not found.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer| /E : value set successfully!
C:\Program Files\Mozilla Firefox\extensions\{ed44922c-01f3-56a8-cda1-afadb1e91cde}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{ed44922c-01f3-56a8-cda1-afadb1e91cde}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{ed44922c-01f3-56a8-cda1-afadb1e91cde} folder moved successfully.
========== FILES ==========
C:\Documents and Settings\Dot\Application Data\qcopjv.dat moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Dot\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\Dot\My Documents\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 158 bytes
->Temporary Internet Files folder emptied: 614912 bytes

User: Al
->Temp folder emptied: 1622540 bytes
->Temporary Internet Files folder emptied: 17479586 bytes
->Java cache emptied: 143738 bytes
->FireFox cache emptied: 37522217 bytes
->Flash cache emptied: 1256 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 41 bytes

User: Dot
->Temp folder emptied: 4497397 bytes
->Temporary Internet Files folder emptied: 27250238 bytes
->Java cache emptied: 21035 bytes
->FireFox cache emptied: 159825683 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 44160 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49554 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1159758 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2863989 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 91237328 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33237 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 328.00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 11222010_130020

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Dot\Local Settings\Temp\~DFD007.tmp not found!
File\Folder C:\Documents and Settings\Dot\Local Settings\Temporary Internet Files\Content.Word\~WRF0003.tmp not found!
File\Folder C:\Documents and Settings\Dot\Local Settings\Temporary Internet Files\Content.Word\~WRS0001.tmp not found!

Registry entries deleted on Reboot...
Dorothy
Regular Member
 
Posts: 49
Joined: November 16th, 2010, 8:36 pm

Re: Help wanted!

Unread postby melboy » November 22nd, 2010, 8:20 pm

Hi

You've still some issues to look at yet - keep at it.

Give me an update on how things are running after completing the steps below.


Uninstall Programs

  • click on start
  • Click on control panel
  • Double click the icon add/remove programs
  • click on the first program in the list and click Remove
  • Continue through the list below (one at a time) until all programs have been removed.
  • If something isn't found, please continue with the next entry in the list.
Search Settings 1.2
WeatherBug



Update Adobe Reader

Your Adobe Reader is out of date.
Older versions may have vulnerabilities that malware can use to infect your system.

  • Uninstall via Start > Control Panel > Add/Remove Programs:
    Adobe Reader 6.0.1
  • Open Adobe Reader
  • Then using the internal updater update the software to the current increment 9.4.1
    • Go to > Help > Check for updates and allow the updater to check.
    • Click to download and install any necessary updates.



Update Java Runtime
You are using an old version of Java. Oracle's Java (Was Sun Java) is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, and also remove the older more vulnerable versions from your system. The most current version of Oracle Java is: Java Runtime Environment Version 6 Update 22.

  • Go to Oracle Java
  • Scroll down to where it says "Java Platform, Standard Edition JDK 6 Update 22 (JDK or JRE)"
  • Click the Download JRE button to the right
  • In the Platform box choose Windows.
  • Check the box to Accept License Agreement and click Continue.
  • Click on Windows Offline Installation, click on the link under it which says "jre-6u22-windows-i586.exe" and save the downloaded file to your desktop.
  • Uninstall all old versions of Java via Start > Control Panel > Add/Remove Programs:
    J2SE Runtime Environment 5.0 Update 2
    J2SE Runtime Environment 5.0 Update 4
    J2SE Runtime Environment 5.0 Update 6
    Java 2 Runtime Environment, SE v1.4.2_03
    Java 2 Runtime Environment, SE v1.4.2_05
    Java 2 Runtime Environment, SE v1.4.2_06
    Java(TM) 6 Update 2
    Java(TM) 6 Update 21
    Java(TM) 6 Update 5
    Java(TM) 6 Update 7
    Java(TM) SE Runtime Environment 6 Update 1
  • Install the new version by running the newly-downloaded file with the java icon which will be at your desktop, and follow the on-screen instructions.
  • Reboot your computer



TFC

  • Please download TFC by Old Timer to your desktop,
  • Save any unsaved work. TFC will close all open application windows.
  • Double-click TFC.exe to run the program.
  • Click the Start button in the bottom left of TFC
  • If prompted, click "Yes" to reboot.

Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes , and may only take a few seconds. Only if needed will you be prompted to reboot.



Malwarebytes' Anti-Malware (MBAM)

As you have Malwarebytes' Anti-Malware installed on your computer. Could you please do a scan using these settings:

  • Open Malwarebytes' Anti-Malware
  • Select the Update tab
  • Click Check for Updates
  • After the update have been completed, Select the Scanner tab.
  • Select Perform Quick scan, then click on Scan
  • When done, you will be prompted. Click OK. If Items are found, then click on Show Results
  • Check all items then click on Remove Selected
  • After it has removed the items, Notepad will open. Please post this log in your next reply.

    The log can also be found here:
    1. C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    2. Or via the Logs tab when the application is started.

Note: MBAM may ask to reboot your computer so it can continue with the removal process, please do so immediately.
Failure to reboot will prevent MBAM from removing all the malware.




In your next reply:
  1. MBAM log
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK
Advertisement
Register to Remove

Next

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 48 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware