Problem's with my mother's PC.

jackbuttmommys · 11-08-2009

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:05:05 PM, on 11/7/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\FastNetSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Mirar
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = eMachines Official Site: Home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = AOL.com - Welcome to AOL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{03402f96-3dc7-4285-bc50-9e81fefafe43} - (no file)
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Star - {024E9230-8808-4CEC-BE9D-C6273AF2A9E9} - C:\WINDOWS\system32\8d78.dll (file missing)
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Documents and Settings\Laura\Desktop\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Nsv] C:\WINDOWS\System32\nsvsvc\nsvsvc.exe
O4 - HKCU\..\Run: [picsvr] C:\WINDOWS\System32\picsvr\picsvr.exe
O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM7\aim.exe" /d locale=en-US
O4 - Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1125363955750
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: fastnetsrv Service (fastnetsrv) - Netopsystems A - C:\WINDOWS\system32\FastNetSrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\WINDOWS\System32\HPZipm12.exe (file missing)
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 8492 bytes

jackbuttmommys · 11-08-2009

OTL logfile created on: 11/8/2009 12:01:50 AM - Run 2
OTL by OldTimer - Version 3.1.4.0 Folder = C:\Documents and Settings\Laura\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.48 Mb Total Physical Memory | 190.11 Mb Available Physical Memory | 37.24% Memory free
1.22 Gb Paging File | 0.90 Gb Available in Paging File | 73.81% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 56.49 Gb Free Space | 75.80% Space Free | Partition Type: NTFS
Drive D: | 2.87 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-E7NDL1JV3J
Current User Name: Laura
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Laura\My Documents\Downloads\OTL(2).exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (Viewpoint Corporation)
PRC - C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (Viewpoint Corporation)
PRC - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe (Network Associates, Inc.)
PRC - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe (Network Associates, Inc.)
PRC - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe (Network Associates, Inc.)
PRC - C:\WINDOWS\system32\ati2evxx.exe ()
PRC - C:\WINDOWS\system32\BCMWLTRY.EXE (Motorola Inc.)
PRC - C:\WINDOWS\system32\WLTRYSVC.EXE ()
PRC - C:\WINDOWS\system32\slserv.exe ( )
PRC - C:\Program Files\Common Files\AOL\ACS\acsd.exe (America Online, Inc.)
PRC - C:\WINDOWS\system32\opeia.exe (Andreas Hausladen)
PRC - C:\WINDOWS\system32\FastNetSrv.exe (Netopsystems AG)
PRC - C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)
PRC - C:\WINDOWS\system32\MsPMSPSv.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\MsPMSPSv.exe (Microsoft Corporation)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Laura\My Documents\Downloads\OTL(2).exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\wbem\framedyn.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (Pml Driver HPZ12) -- File not found
SRV - (avg8wd) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (iPod Service) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (FontCache3.0.0.0) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\Presen tationFontCache.exe (Microsoft Corporation)
SRV - (idsvc) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe (Microsoft Corporation)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspn et_state.exe (Microsoft Corporation)
SRV - (helpsvc) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (McTaskManager) -- C:\Program Files\Network Associates\VirusScan\vstskmgr.exe (Network Associates, Inc.)
SRV - (McAfeeFramework) -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe (Network Associates, Inc.)
SRV - (Ati HotKey Poller) -- C:\WINDOWS\system32\ati2evxx.exe ()
SRV - (WLTRYSVC) -- C:\WINDOWS\System32\wltrysvc.exe ()
SRV - (SLService) -- C:\WINDOWS\System32\slserv.exe ( )
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\acsd.exe (America Online, Inc.)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (fastnetsrv) -- C:\WINDOWS\system32\FastNetSrv.exe (Netopsystems AG)
SRV - (BtwSrv) -- C:\WINDOWS\system32\BtwSrv.dll (FTD2XX Software Technology)
SRV - (WANMiniportService) -- C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)
SRV - (WMDM PMSP Service) -- C:\WINDOWS\system32\MsPMSPSv.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (GEARAspiWDM) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (atapi) -- C:\WINDOWS\System32\DRIVERS\atapi.sys ()
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (MDC8021X) -- C:\WINDOWS\system32\drivers\mdc8021x.sys (Meetinghouse Data Communications)
DRV - (FETND5BV) -- C:\WINDOWS\system32\drivers\fetnd5bv.sys (VIA Technologies, Inc. )
DRV - (NaiAvFilter1) -- C:\WINDOWS\system32\drivers\naiavf5x.sys (Network Associates, Inc.)
DRV - (NaiAvTdi1) -- C:\WINDOWS\system32\drivers\mvstdi5x.sys (Network Associates, Inc.)
DRV - (RecAgent) -- C:\WINDOWS\system32\drivers\recagent.sys (Smart Link)
DRV - (HPZius12) -- C:\WINDOWS\system32\drivers\HPZius12.sys (HP)
DRV - (HPZid412) -- C:\WINDOWS\system32\drivers\hpzid412.sys (HP)
DRV - (HPZipr12) -- C:\WINDOWS\system32\drivers\HPZipr12.sys (HP)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (ASCTRM) -- C:\WINDOWS\system32\drivers\asctrm.sys (Windows (R) 2000 DDK provider)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura Ltd)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (LSWPCv4) -- C:\WINDOWS\system32\drivers\rtl8180.sys (Realtek Semiconductor Corporation )
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (Mtlstrm) -- C:\WINDOWS\system32\drivers\mtlstrm.sys ( )
DRV - (SlNtHal) -- C:\WINDOWS\system32\drivers\slnthal.sys ( )
DRV - (Slntamr) -- C:\WINDOWS\system32\drivers\slntamr.sys ( )
DRV - (NtMtlFax) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys ( )
DRV - (Mtlmnt5) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys ( )
DRV - (SlWdmSup) -- C:\WINDOWS\system32\drivers\slwdmsup.sys (Vireo Software)
DRV - (FETNDISB) -- C:\WINDOWS\system32\drivers\fetnd5b.sys (VIA Technologies, Inc. )
DRV - (NTSIM) -- C:\WINDOWS\system32\ntsim.sys (VIA Networking, Inc. )
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (wanatw) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (viaagp1) -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = Bing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Assistant = http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Bing
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = eMachines Official Site: Home
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\CNNSI, = search.sportsillustrated.cnn.com/pages/search.jsp?query=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Dictionary, = dictionary.reference.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Google, = google.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleGroups, = groups-beta.google.com/groups?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleImages, = images.google.com/images?hl=en&lr=&q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleNews, = news.google.com/news?tab=gn&hl=en&ie=UTF-8&q=%s&btnG=Search+News
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\KB, = support.microsoft.com/search/default.aspx?query=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\KBDLL, = support.microsoft.com/dllhelp/default.aspx?dlltype=file&l=55&alpha=%s&S=1
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Movies, = fandango.com/my_box_office.asp?searchby=2&txtCityZip=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSN, = search.msn.com/results.asp?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Thesaurus, = thesaurus.reference.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Weather, = weather.com/weather/local/%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Yahoo, = search.yahoo.com/search?p=%s
IE - HKCU\..\URLSearchHook: *{03402f96-3dc7-4285-bc50-9e81fefafe43} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.aol.com/?src=aim&ncid=snsusaimc00000001"
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.5.1
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.424
FF - prefs.js..extensions.enabledItems: avg@igeared:2.609.002.003
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4
FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p="

FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\:
FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\Components: C:\Program Files\Common Files\csshare\plugins0942 [2009/11/02 01:56:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\Plugins: C:\Program Files\Common Files\csshare\plugins0942 [2009/11/02 01:56:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5 b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/11/03 11:51:38 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igea red: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2009/10/15 14:33:09 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a8264 5-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/10/21 07:27:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/07 02:54:24 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/07 02:54:24 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 6 6.2.1\Extensions\\Components: C:\Program Files\Netscape\Netscape 6\Components [2009/10/15 19:46:37 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 6 6.2.1\Extensions\\Plugins: C:\Program Files\Netscape\Netscape 6\Plugins [2009/11/02 01:56:01 | 00,000,000 | ---D | M]

[2008/10/17 22:33:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Laura\Application Data\Mozilla\Extensions
[2008/10/17 22:33:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Laura\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/07 01:26:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Laura\Application Data\Mozilla\Firefox\Profiles\jsyfhrre.default\ext ensions
[2009/10/21 16:43:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Laura\Application Data\Mozilla\Firefox\Profiles\jsyfhrre.default\ext ensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/07 01:26:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Laura\Application Data\Mozilla\Firefox\Profiles\jsyfhrre.default\ext ensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/10/22 23:18:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Laura\Application Data\Mozilla\Firefox\Profiles\jsyfhrre.default\ext ensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2009/10/13 22:26:11 | 00,004,207 | ---- | M] () -- C:\Documents and Settings\Laura\Application Data\Mozilla\Firefox\Profiles\jsyfhrre.default\sea rchplugins\aim-search-1.xml
[2009/10/22 23:18:50 | 00,004,546 | ---- | M] () -- C:\Documents and Settings\Laura\Application Data\Mozilla\Firefox\Profiles\jsyfhrre.default\sea rchplugins\aim-search-2.xml
[2008/11/02 01:53:33 | 00,001,769 | ---- | M] () -- C:\Documents and Settings\Laura\Application Data\Mozilla\Firefox\Profiles\jsyfhrre.default\sea rchplugins\aim-search.xml
[2009/11/07 01:26:32 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/07 02:54:24 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/10/19 14:28:24 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/11/07 02:53:37 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/11/07 02:53:37 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007/04/10 16:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2006/02/07 15:41:38 | 00,049,152 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
[2009/07/07 16:20:42 | 00,061,440 | ---- | M] (AOL LLC) -- C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
[2009/07/07 16:20:42 | 00,065,536 | ---- | M] (AOL LLC) -- C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
[2009/11/07 02:54:01 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2007/03/22 18:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2009/02/27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009/10/15 19:46:32 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009/10/15 19:46:33 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/10/15 19:46:33 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/10/15 19:46:34 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/10/15 19:46:34 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/10/15 19:46:34 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/10/15 19:46:34 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2005/08/09 13:42:53 | 00,057,344 | ---- | M] (America Online, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll
[2007/04/16 12:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2009/11/07 02:54:08 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/11/07 02:54:09 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/08/03 20:53:53 | 00,001,489 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\avg_igeared.xml
[2009/11/07 02:54:09 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/11/07 02:54:09 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/11/07 02:54:09 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/10/22 20:42:29 | 00,001,210 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\search.xml
[2009/11/07 02:54:10 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/11/07 02:54:10 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: (1164 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 Igetnet.com
O1 - Hosts: 127.0.0.1 code.ignphrases.com
O1 - Hosts: 127.0.0.1 clear-search.com
O1 - Hosts: 127.0.0.1 r1.clrsch.com
O1 - Hosts: 127.0.0.1 sds.clrsch.com
O1 - Hosts: 127.0.0.1 status.clrsch.com
O1 - Hosts: 127.0.0.1 www.clrsch.com
O1 - Hosts: 127.0.0.1 clr-sch.com
O1 - Hosts: 127.0.0.1 sds-qckads.com
O1 - Hosts: 127.0.0.1 status.qckads.com
O1 - Hosts: 127.0.0.1 status.qckads.com
O1 - Hosts: 127.0.0.1 status.qckads.com
O1 - Hosts: 127.0.0.1 status.qckads.com
O1 - Hosts: 127.0.0.1 status.qckads.com
O1 - Hosts: 127.0.0.1 status.qckads.com
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (Star) - {024E9230-8808-4CEC-BE9D-C6273AF2A9E9} - C:\WINDOWS\System32\8d78.dll File not found
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Star) - {024E9230-8808-4CEC-BE9D-C6273AF2A9E9} - C:\WINDOWS\System32\8d78.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Search) - {40D41A8B-D79B-43D7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Documents and Settings\Laura\Desktop\Malwarebytes' Anti-Malware\mbam.exe File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM7\aim.exe (AOL LLC)
O4 - HKCU..\Run: [Nsv] C:\WINDOWS\System32\nsvsvc\nsvsvc.exe File not found
O4 - HKCU..\Run: [picsvr] C:\WINDOWS\System32\picsvr\picsvr.exe File not found
O4 - Startup: C:\Documents and Settings\Laura\Start Menu\Programs\Startup\Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 91
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoSaveSettings = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe (America Online, Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/downlo...22/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsu...?1125363955750 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.co...AB?38167.48875 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Java Plug-in 1.5.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub...sh/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.25.5.61 24.25.5.60
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\WRNotifier: DllName - WRLogonNTF.dll - File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\brastk.exe: Debugger - svchost.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/01/19 15:00:00 | 00,000,043 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{22f86a98-9c79-11de-9f19-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{22f86a98-9c79-11de-9f19-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{22f86a99-9c79-11de-9f19-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{22f86a99-9c79-11de-9f19-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (SsiEfr.ex) - File not found
O34 - HKLM BootExecute: (otExecute) - File not found
O34 - HKLM BootExecute: (settings...) - File not found
O34 - HKLM BootExecute: (on\Exp) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

jackbuttmommys · 11-08-2009

NetSvcs: BtwSrv - C:\WINDOWS\system32\BtwSrv.dll (FTD2XX Software Technology)
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2003/12/18 05:43:11 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
NetSvcs: Ip6FwHlp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BigFix.lnk - C:\Program Files\BigFix\BigFix.exe - (BigFix Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MyTotalSearch Email Plugin.lnk - C:\Program Files\MyTotalSearch\bar\1.bin\MTSOEMON.EXE - (MyTotalSearch.com)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^User^Start Menu^Programs^Startup^MyTotalSearch Email Plugin.lnk - C:\Program Files\MyTotalSearch\bar\1.bin\MTSOEMON.EXE - (MyTotalSearch.com)
MsConfig - StartUpReg: 180ax - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: AIM - hkey= - key= - C:\PROGRA~1\aim\aim.exe -cnetwait.odl File not found
MsConfig - StartUpReg: app - hkey= - key= - File not found
MsConfig - StartUpReg: aqadcup - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: ATIModeChange - hkey= - key= - File not found
MsConfig - StartUpReg: ATIPTA - hkey= - key= - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe File not found
MsConfig - StartUpReg: Create A Monster - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: Dmupoi - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: EbatesMoeMoneyMaker0 - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: ErrorGuard - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: exp.exe - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: fash - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: FlashIcon - hkey= - key= - C:\Program Files\Generic\USB Card Reader Driver v2.2e\FlashIcon.EXE File not found
MsConfig - StartUpReg: HP Component Manager - hkey= - key= - C:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: Jawa32 - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: KernelFaultCheck - hkey= - key= - File not found
MsConfig - StartUpReg: kvern16.dll - hkey= - key= - File not found
MsConfig - StartUpReg: loads.exe - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: McAfeeUpdaterUI - hkey= - key= - C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe File not found
MsConfig - StartUpReg: me69N - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: mediamotor.exe - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe File not found
MsConfig - StartUpReg: MyTotalSearch Email Plugin - hkey= - key= - C:\Program Files\MyTotalSearch\bar\1.bin\MTSOEMON.EXE (MyTotalSearch.com)
MsConfig - StartUpReg: NaviSearch - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: pgtaff - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: pmr - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: prvtect - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe File not found
MsConfig - StartUpReg: r7oX33V - hkey= - key= - File not found
MsConfig - StartUpReg: RealTray - hkey= - key= - C:\Program Files\Real\RealPlayer\RealPlay.exe File not found
MsConfig - StartUpReg: RoxioAudioCentral - hkey= - key= - C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe File not found
MsConfig - StartUpReg: RoxioDragToDisc - hkey= - key= - C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe File not found
MsConfig - StartUpReg: RoxioEngineUtility - hkey= - key= - C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe File not found
MsConfig - StartUpReg: Rxagik - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: ShStatEXE - hkey= - key= - C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE File not found
MsConfig - StartUpReg: sixtysix - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: STOPzilla - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: SurfSideKick 2 - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - StartUpReg: SynTPLpr - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
MsConfig - StartUpReg: Tsa - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: vernn16.dll - hkey= - key= - File not found
MsConfig - StartUpReg: ViewMgr - hkey= - key= - C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (Viewpoint Corporation)
MsConfig - StartUpReg: VVSN - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: Windows AdControl - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: WinTask driver - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: winupdtl - hkey= - key= - Reg Error: Value error. File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {057997dd-71e4-43cc-b161-3f8180691a9e} - Q824145
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Macromedia Shockwave Director 10.1.1
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2cc9d512-6db6-4f1c-8979-9a41fae88de0} - Q837009
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {377483c2-e4b4-4ee8-b577-9aed264c8735} - Q822925
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser .NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {795d0712-722c-43ec-906a-fc5e678eada9} - Q831167
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {abcdf74f-9a64-4e6e-b8eb-6e5a41de6550} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894
ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSe tup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msg723 - msg723.acm File not found
Drivers32: msacm.sl_anet - sl_anet.acm File not found
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: vidc.wmv3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2009/11/07 22:04:12 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/11/07 19:24:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\Performance
[2009/11/07 19:23:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Corporation
[2009/11/07 19:22:48 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
[2009/11/07 03:10:27 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/11/07 02:56:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Laura\My Documents\Downloads
[2009/11/02 23:43:15 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rundll32.exe
[2009/11/02 23:43:15 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rundll32.exe
[2009/11/02 01:59:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Laura\Local Settings\Application Data\Adobe
[2009/11/02 01:54:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/11/02 01:50:48 | 27,386,280 | ---- | C] ( ) -- C:\Documents and Settings\Laura\Desktop\AdbeRdr920_en_US(2).exe
[2009/11/02 01:49:08 | 27,386,280 | ---- | C] ( ) -- C:\Documents and Settings\Laura\Desktop\AdbeRdr920_en_US.exe
[2009/10/28 00:09:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Laura\Application Data\U3
[2009/10/22 23:08:21 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2009/10/22 23:07:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AIM
[2009/10/22 23:07:17 | 00,000,000 | ---D | C] -- C:\Program Files\AIM7
[2009/10/22 22:01:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Laura\Local Settings\Application Data\AVG Security Toolbar
[2009/10/22 21:11:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Laura\Application Data\Malwarebytes
[2009/10/22 21:11:34 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/22 21:11:32 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/10/22 21:11:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/10/22 21:05:45 | 03,550,592 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Laura\Desktop\procexp.exe
[2009/10/22 19:39:44 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\24bb5
[2009/10/20 18:37:04 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Laura\IECompatCache
[2009/10/19 20:00:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/10/19 19:59:48 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/10/19 19:59:26 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/10/19 19:58:06 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/10/19 19:58:05 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesv c.exe
[2009/10/19 19:58:05 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009/10/19 19:58:05 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/10/19 19:58:05 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintpr oc.dll
[2009/10/19 19:58:04 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/10/19 19:58:04 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/10/19 19:58:02 | 00,000,000 | ---D | C] -- C:\859a169f865c6af65e3a2699dc50
[2009/10/18 12:45:53 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Laura\PrivacIE
[2009/10/18 12:37:48 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Laura\IETldCache
[2009/10/17 22:14:38 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll
[2009/10/17 22:14:32 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll
[2009/10/17 22:14:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/10/17 22:13:51 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/10/17 22:07:31 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedssync.exe
[2009/10/15 19:49:28 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/10/15 19:49:03 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/10/15 19:49:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/10/15 19:47:19 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/10/15 19:45:26 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/10/15 12:06:40 | 01,315,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll
[2009/10/15 12:02:21 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll
[2009/10/15 12:02:17 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx
[2009/10/15 11:41:44 | 00,215,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\muweb.dll
[2009/10/15 11:41:44 | 00,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2009/10/15 11:41:43 | 00,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2009/10/14 23:30:55 | 00,000,000 | ---D | C] -- C:\Program Files\AIM Toolbar
[2009/10/14 21:45:40 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009/10/13 22:25:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Laura\Local Settings\Application Data\AIM
[2009/10/13 22:24:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AIM Toolbar
[2009/10/13 22:24:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Laura\Local Settings\Application Data\AIM Toolbar
[2009/10/13 22:23:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\acccore
[2003/12/18 05:52:33 | 00,014,976 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys
[2003/12/17 12:30:48 | 01,301,704 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2003/12/17 12:30:48 | 00,548,888 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2003/12/17 12:30:48 | 00,221,736 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2003/12/17 12:30:48 | 00,167,352 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2003/12/17 12:30:48 | 00,086,512 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Laura\*.tmp files -> C:\Documents and Settings\Laura\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/11/08 00:09:00 | 00,000,364 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2009/11/07 23:59:26 | 00,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/07 23:49:32 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/07 23:49:27 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/07 23:49:24 | 53,535,1296 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/07 22:04:17 | 04,718,592 | ---- | M] () -- C:\Documents and Settings\Laura\NTUser.dat
[2009/11/07 22:04:14 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\HijackThis.lnk
[2009/11/07 19:38:09 | 00,001,905 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2009/11/07 19:38:09 | 00,001,905 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2009/11/07 19:23:19 | 00,063,104 | ---- | M] () -- C:\Documents and Settings\Laura\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/11/07 19:22:52 | 00,001,976 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\Windows Vista Upgrade Advisor.lnk
[2009/11/07 18:57:13 | 00,006,078 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\1257638023544s.jpg
[2009/11/07 16:06:04 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Laura\ntuser.ini
[2009/11/07 14:36:51 | 00,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{32491F5F-B34F-4F29-8F8F-9AB8B01E7AFC}.job
[2009/11/07 14:34:11 | 00,000,512 | ---- | M] () -- C:\WINDOWS\randseed.rnd
[2009/11/07 14:31:09 | 00,086,275 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/11/07 14:31:08 | 44,777,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/11/07 03:54:15 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/11/07 03:53:13 | 03,768,008 | -H-- | M] () -- C:\Documents and Settings\Laura\Local Settings\Application Data\IconCache.db
[2009/11/04 22:58:14 | 00,030,769 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\14261_1173012771648_1417890 480_30630720_7234912_n.jpg
[2009/11/04 22:58:09 | 00,024,736 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\14261_1173012731647_1417890 480_30630719_1178678_n.jpg
[2009/11/04 02:49:51 | 00,202,201 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\1257320524962.jpg
[2009/11/02 23:43:16 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rundll32.exe
[2009/11/02 23:43:16 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rundll32.exe
[2009/11/02 02:31:38 | 00,003,658 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\1257147131051s.jpg
[2009/11/02 02:31:30 | 00,002,503 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\1257147093187s.jpg
[2009/11/02 02:30:31 | 00,006,599 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\1257146138673s.jpg
[2009/11/02 02:30:02 | 00,010,263 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\1257146723994s.jpg
[2009/11/02 02:28:13 | 00,005,418 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\1257146626806s.jpg
[2009/11/02 02:27:55 | 00,006,405 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\1257146023003s.jpg
[2009/11/02 02:26:49 | 00,005,740 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\1257145966767s.jpg
[2009/11/02 02:26:30 | 00,105,153 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\1257146332836.png
[2009/11/02 02:25:32 | 00,006,040 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\1257145642844s.jpg
[2009/11/02 02:25:11 | 00,005,669 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\1257143544805s.jpg
[2009/11/02 02:10:41 | 00,007,963 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\1257145826006s.jpg
[2009/11/02 01:56:08 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/11/02 01:51:06 | 27,386,280 | ---- | M] ( ) -- C:\Documents and Settings\Laura\Desktop\AdbeRdr920_en_US(2).exe
[2009/11/02 01:49:58 | 27,386,280 | ---- | M] ( ) -- C:\Documents and Settings\Laura\Desktop\AdbeRdr920_en_US.exe
[2009/11/02 00:39:55 | 15,748,4384 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\OOo_3.1.1_Win32Intel_instal l_wJRE_en-US.exe
[2009/11/02 00:19:29 | 06,244,025 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\love20001.pdf
[2009/11/01 23:31:23 | 00,444,596 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/01 23:31:22 | 00,525,770 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/01 23:31:22 | 00,072,306 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/11/01 03:26:36 | 00,077,662 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\1257058580267.jpg
[2009/10/30 00:28:28 | 00,058,469 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\1256879777199.jpg
[2009/10/29 12:59:47 | 00,032,768 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\Personality Psychology Oct.doc
[2009/10/28 23:55:42 | 00,002,599 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\1256772981436s.jpg
[2009/10/28 23:55:33 | 00,005,306 | ---- | M] () -- C:\Documents and Settings\Laura\Desktop\1256771406985s.jpg
[2009/10/22 23:08:08 | 00,005,098 | -H-- | M] () -- C:\IPH.PH
[2009/10/22 23:07:44 | 00,001,587 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AIM.lnk
[2009/10/22 21:05:51 | 03,550,592 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Laura\Desktop\procexp.exe
[2009/10/22 20:41:52 | 00,001,164 | RHS- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/10/22 04:19:04 | 05,939,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2009/10/22 04:19:04 | 05,939,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2009/10/20 07:55:07 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/10/19 21:37:57 | 00,237,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/19 02:09:12 | 00,001,048 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/10/15 19:50:51 | 00,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/10/15 19:46:06 | 00,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/10/15 19:22:02 | 00,000,011 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\71F.VS7-ncn
[2009/10/13 20:37:59 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Laura\*.tmp files -> C:\Documents and Settings\Laura\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/11/07 22:04:14 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\HijackThis.lnk
[2009/11/07 19:22:52 | 00,001,976 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\Windows Vista Upgrade Advisor.lnk
[2009/11/07 19:21:16 | 00,001,905 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2009/11/07 19:21:16 | 00,001,905 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2009/11/07 18:57:11 | 00,006,078 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\1257638023544s.jpg
[2009/11/04 22:58:13 | 00,030,769 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\14261_1173012771648_1417890 480_30630720_7234912_n.jpg
[2009/11/04 22:58:06 | 00,024,736 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\14261_1173012731647_1417890 480_30630719_1178678_n.jpg
[2009/11/04 02:49:47 | 00,202,201 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\1257320524962.jpg
[2009/11/02 02:31:38 | 00,003,658 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\1257147131051s.jpg
[2009/11/02 02:31:29 | 00,002,503 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\1257147093187s.jpg
[2009/11/02 02:30:30 | 00,006,599 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\1257146138673s.jpg
[2009/11/02 02:30:01 | 00,010,263 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\1257146723994s.jpg
[2009/11/02 02:28:12 | 00,005,418 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\1257146626806s.jpg
[2009/11/02 02:27:54 | 00,006,405 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\1257146023003s.jpg
[2009/11/02 02:26:49 | 00,005,740 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\1257145966767s.jpg
[2009/11/02 02:26:29 | 00,105,153 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\1257146332836.png
[2009/11/02 02:25:32 | 00,006,040 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\1257145642844s.jpg
[2009/11/02 02:25:10 | 00,005,669 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\1257143544805s.jpg
[2009/11/02 02:10:39 | 00,007,963 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\1257145826006s.jpg
[2009/11/02 01:56:08 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/11/02 00:23:30 | 15,748,4384 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\OOo_3.1.1_Win32Intel_instal l_wJRE_en-US.exe
[2009/11/02 00:19:20 | 06,244,025 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\love20001.pdf
[2009/11/01 03:26:26 | 00,077,662 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\1257058580267.jpg
[2009/10/30 00:28:27 | 00,058,469 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\1256879777199.jpg
[2009/10/29 12:54:13 | 00,032,768 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\Personality Psychology Oct.doc
[2009/10/28 23:55:41 | 00,002,599 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\1256772981436s.jpg
[2009/10/28 23:55:32 | 00,005,306 | ---- | C] () -- C:\Documents and Settings\Laura\Desktop\1256771406985s.jpg
[2009/10/22 23:07:44 | 00,001,587 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AIM.lnk
[2009/10/20 18:37:01 | 00,000,422 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{32491F5F-B34F-4F29-8F8F-9AB8B01E7AFC}.job
[2009/10/20 18:27:18 | 01,089,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/10/15 19:50:51 | 00,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/10/15 19:46:05 | 00,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/10/15 19:22:02 | 00,000,011 | -H-- | C] () -- C:\Documents and Settings\All Users\Documents\71F.VS7-ncn
[2008/10/26 21:05:32 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/06/29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/02/04 17:31:33 | 00,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2006/02/04 17:31:33 | 00,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2005/06/10 09:35:01 | 00,011,264 | ---- | C] () -- C:\Documents and Settings\Laura\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/04/07 15:26:46 | 00,000,128 | ---- | C] () -- C:\Documents and Settings\Laura\Local Settings\Application Data\fusioncache.dat
[2005/04/04 17:27:04 | 00,063,104 | ---- | C] () -- C:\Documents and Settings\Laura\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2005/04/03 20:10:25 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Laura\Application Data\desktop.ini
[2005/04/03 20:10:24 | 03,768,008 | -H-- | C] () -- C:\Documents and Settings\Laura\Local Settings\Application Data\IconCache.db
[2005/02/11 03:35:37 | 00,000,340 | ---- | C] () -- C:\WINDOWS\usta33.ini
[2005/02/10 19:25:22 | 00,000,076 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/12/29 23:26:45 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004/12/29 23:26:44 | 00,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2004/11/24 17:20:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2004/11/09 09:35:28 | 00,000,039 | ---- | C] () -- C:\WINDOWS\wininit.ini_
[2004/11/01 17:42:54 | 00,151,552 | ---- | C] () -- C:\WINDOWS\System32\cacore.dll
[2004/10/23 16:39:44 | 00,031,232 | ---- | C] () -- C:\WINDOWS\System32\zilla.dll
[2004/10/23 08:37:26 | 00,000,478 | ---- | C] () -- C:\WINDOWS\System32\sysfile.dll
[2004/10/22 22:06:26 | 00,005,030 | ---- | C] () -- C:\WINDOWS\Muahxzkb.ini
[2004/10/22 21:42:30 | 00,081,972 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2004/10/20 17:37:29 | 00,099,328 | ---- | C] () -- C:\WINDOWS\System32\lvwwv.dll
[2004/10/05 20:12:17 | 00,000,045 | ---- | C] () -- C:\WINDOWS\BGKJFLI.ini
[2004/09/17 17:37:42 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2004/09/13 11:58:01 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/08/25 17:58:20 | 00,000,446 | ---- | C] () -- C:\WINDOWS\System32\MSrev23.dll
[2004/08/25 17:58:18 | 00,001,806 | ---- | C] () -- C:\WINDOWS\System32\MSrev43.dll
[2004/08/25 17:57:44 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2004/08/25 17:57:44 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2004/08/25 15:24:59 | 00,001,129 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2004/02/26 01:18:04 | 00,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2004/02/20 20:27:46 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll_
[2003/12/18 08:38:45 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/12/18 06:47:09 | 00,000,132 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2003/12/18 06:46:18 | 00,000,310 | ---- | C] () -- C:\WINDOWS\net2fone.ini
[2003/12/18 06:26:09 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/12/18 05:54:33 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2003/12/18 05:52:33 | 00,475,136 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll
[2003/12/18 05:52:33 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll
[2003/12/18 05:52:33 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\SLMOHServ.dll_
[2003/12/18 05:50:45 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2003/12/17 21:35:32 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2003/12/17 12:30:48 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll
[2003/12/17 12:30:48 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll
[2003/12/17 12:30:48 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll_
[2003/12/17 12:30:41 | 00,001,094 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/12/17 12:30:41 | 00,000,465 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2003/12/17 12:30:15 | 00,001,048 | ---- | C] () -- C:\WINDOWS\win.ini
[2003/12/17 12:30:11 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2003/10/08 12:34:26 | 00,121,440 | ---- | C] () -- C:\WINDOWS\System32\MSDRMCtrl.dll
[2003/09/24 21:32:13 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\FlashIcon.dll
[2003/03/31 07:00:00 | 00,000,008 | ---- | C] () -- C:\WINDOWS\System32\FInstall.sys
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/08/28 20:27:50 | 00,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys

========== LOP Check ==========

[2009/10/22 21:35:18 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\24bb5
[2009/10/13 22:23:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2009/10/22 23:07:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2009/10/13 22:24:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM Toolbar
[2005/08/30 19:23:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Network Associates
[2004/10/24 15:10:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2009/10/14 23:30:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/10/15 19:50:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2008/10/26 21:12:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Laura\Application Data\acccore
[2005/04/03 20:52:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Laura\Application Data\Aim
[2003/12/18 06:27:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Laura\Application Data\InterTrust
[2005/04/27 18:05:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Laura\Application Data\Webshots
[2003/03/31 07:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/11/07 23:49:32 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/11/07 14:36:51 | 00,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{32491F5F-B34F-4F29-8F8F-9AB8B01E7AFC}.job

========== Purity Check ==========

========== Custom Scans ==========

< >

< %systemroot%\System32\antiwpa.dll >

< %systemroot%\SYSTEM32\wpa.dll >

< %systemroot%\setup\scripts\biestart.exe >

< %systemroot%\system32\drivers\royal.sys >

< %systemroot%\system32\oobe\AntiWPA_Crypt.dll >

< %TEMP%\antiwpa_crypt.dll >

< %TEMP%\antiwpa.dll /s >

< %PROGRAMFILES%\antiwpa.dll /s >

< %systemroot%\system32\crypt.dll >

< %TEMP%\crypt.dll >

< %SYSTEMDRIVE%\*. >
[2009/11/07 22:25:55 | 00,000,000 | -H-D | M] -- C:\$AVG8.VAULT$
[2009/10/19 19:59:05 | 00,000,000 | ---D | M] -- C:\859a169f865c6af65e3a2699dc50
[2004/03/08 21:51:06 | 00,000,000 | -H-D | M] -- C:\bundle
[2009/07/26 19:50:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings
[2004/02/28 02:47:25 | 00,000,000 | ---D | M] -- C:\Drivers
[2004/09/13 11:49:54 | 00,000,000 | RH-D | M] -- C:\MSOCache
[2005/08/30 19:21:03 | 00,000,000 | ---D | M] -- C:\muvs8i
[2003/12/18 06:41:14 | 00,000,000 | ---D | M] -- C:\My Music
[2009/11/07 22:04:12 | 00,000,000 | ---D | M] -- C:\Program Files
[2006/08/09 20:09:07 | 00,000,000 | -HSD | M] -- C:\RECYCLER
[2006/02/04 16:03:36 | 00,000,000 | -HSD | M] -- C:\System Volume Information
[2004/11/11 09:22:14 | 00,000,000 | ---D | M] -- C:\vscan71
[2009/11/07 19:24:40 | 00,000,000 | ---D | M] -- C:\WINDOWS

< %SYSTEMDRIVE%\*.* >
[2004/08/25 04:20:36 | 00,000,606 | ---- | M] () -- C:\aol.ini
[2005/08/29 21:24:25 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2003/12/18 05:43:41 | 00,000,000 | RHS- | M] () -- C:\CONFIG.SYS
[2004/12/31 10:50:57 | 00,000,055 | ---- | M] () -- C:\DVDPATH.TXT
[2006/02/04 16:49:46 | 00,002,421 | ---- | M] () -- C:\eradicate.txt
[2001/09/05 21:00:58 | 01,700,352 | ---- | M] (Microsoft Corporation) -- C:\gdiplus.dll
[2009/11/07 23:49:24 | 53,535,1296 | -HS- | M] () -- C:\hiberfil.sys
[2003/12/18 05:43:41 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/10/22 23:08:08 | 00,005,098 | -H-- | M] () -- C:\IPH.PH
[2005/10/04 19:33:55 | 00,000,048 | -HS- | M] () -- C:\LSWMV.INI
[2003/12/18 05:43:41 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2005/08/29 21:10:40 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/10/19 23:27:07 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/11/07 23:49:22 | 80,530,6368 | -HS- | M] () -- C:\pagefile.sys
[2006/02/03 17:00:51 | 00,003,267 | ---- | M] () -- C:\scan.txt
[2004/12/15 12:11:33 | 00,087,623 | ---- | M] () -- C:\tmp.txt

< %PROGRAMFILES%\*. >
[2009/11/02 01:52:33 | 00,000,000 | ---D | M] -- C:\Program Files\Adobe
[2009/10/13 22:20:33 | 00,000,000 | ---D | M] -- C:\Program Files\aim
[2009/10/22 23:13:20 | 00,000,000 | ---D | M] -- C:\Program Files\AIM Toolbar
[2009/10/22 23:07:33 | 00,000,000 | ---D | M] -- C:\Program Files\AIM7
[2009/10/22 23:03:45 | 00,000,000 | ---D | M] -- C:\Program Files\America Online 9.0
[2005/04/03 20:52:14 | 00,000,000 | ---D | M] -- C:\Program Files\AOD
[2003/12/18 06:41:50 | 00,000,000 | ---D | M] -- C:\Program Files\AOL Companion
[2008/10/30 17:39:23 | 00,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2004/02/20 20:30:47 | 00,000,000 | ---D | M] -- C:\Program Files\ATI Technologies
[2009/08/03 20:48:11 | 00,000,000 | ---D | M] -- C:\Program Files\AVG
[2004/08/25 04:20:49 | 00,000,000 | ---D | M] -- C:\Program Files\AWS
[2003/12/18 06:33:11 | 00,000,000 | ---D | M] -- C:\Program Files\BigFix
[2009/10/15 19:47:22 | 00,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2005/08/21 19:11:21 | 00,000,000 | ---D | M] -- C:\Program Files\Cisco Systems
[2009/08/17 09:58:58 | 00,000,000 | ---D | M] -- C:\Program Files\CNS Vital Signs
[2009/10/22 23:08:21 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files
[2003/12/18 05:41:11 | 00,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2009/10/22 23:18:11 | 00,000,000 | ---D | M] -- C:\Program Files\CompuServe 7.0
[2004/02/20 20:01:16 | 00,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2004/10/12 23:47:00 | 00,000,000 | ---D | M] -- C:\Program Files\FunWebProducts-MyTotalSearch
[2004/02/24 17:46:41 | 00,000,000 | ---D | M] -- C:\Program Files\Generic
[2004/06/30 05:26:35 | 00,000,000 | ---D | M] -- C:\Program Files\HighMAT CD Writing Wizard
[2004/08/25 15:48:25 | 00,000,000 | ---D | M] -- C:\Program Files\HP
[2005/04/07 16:33:48 | 00,000,000 | ---D | M] -- C:\Program Files\ICQ
[2004/10/05 10:16:40 | 00,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2004/11/24 15:48:25 | 00,000,000 | ---D | M] -- C:\Program Files\InterActual
[2009/11/07 03:16:21 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2009/10/15 19:49:28 | 00,000,000 | ---D | M] -- C:\Program Files\iPod
[2009/10/22 23:35:36 | 00,000,000 | ---D | M] -- C:\Program Files\IrfanView
[2009/10/15 19:50:32 | 00,000,000 | ---D | M] -- C:\Program Files\iTunes
[2008/10/19 14:28:21 | 00,000,000 | ---D | M] -- C:\Program Files\Java
[2003/12/18 06:43:58 | 00,000,000 | ---D | M] -- C:\Program Files\JavaSoft
[2009/10/15 19:23:59 | 00,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2009/10/22 21:45:34 | 00,000,000 | ---D | M] -- C:\Program Files\Messenger
[2004/09/13 11:56:45 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2003/12/18 05:43:53 | 00,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2003/12/18 06:34:53 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Money
[2004/09/13 11:56:05 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2009/10/22 23:59:27 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Picture It! 9
[2009/10/14 21:45:40 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/11/07 19:22:49 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
[2003/12/18 06:36:47 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2004/09/13 11:52:01 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2008/10/19 23:36:24 | 00,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2009/11/08 00:00:07 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/10/19 19:59:48 | 00,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2003/12/18 05:40:29 | 00,000,000 | ---D | M] -- C:\Program Files\MSN
[2003/12/18 06:14:05 | 00,000,000 | ---D | M] -- C:\Program Files\MSN Encarta Plus
[2003/12/18 05:40:19 | 00,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2004/06/30 05:28:24 | 00,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2004/10/12 23:47:02 | 00,000,000 | ---D | M] -- C:\Program Files\MyTotalSearch
[2005/04/04 16:12:44 | 00,000,000 | ---D | M] -- C:\Program Files\myTunes Redux
[2008/10/17 23:47:49 | 00,000,000 | ---D | M] -- C:\Program Files\Netflix
[2009/10/23 14:10:02 | 00,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2003/12/18 06:46:04 | 00,000,000 | ---D | M] -- C:\Program Files\Netscape
[2005/08/30 19:22:44 | 00,000,000 | ---D | M] -- C:\Program Files\Network Associates
[2004/10/24 16:05:20 | 00,000,000 | ---D | M] -- C:\Program Files\NoAdware
[2003/12/18 05:42:14 | 00,000,000 | ---D | M] -- C:\Program Files\Online Services
[2009/10/22 21:35:15 | 00,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2004/06/30 05:21:29 | 00,000,000 | ---D | M] -- C:\Program Files\Program Shortcuts
[2004/08/26 10:20:43 | 00,000,000 | ---D | M] -- C:\Program Files\PWRSMND1
[2009/10/23 00:06:22 | 00,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2003/12/18 06:41:09 | 00,000,000 | ---D | M] -- C:\Program Files\Real
[2009/10/19 19:59:26 | 00,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2005/04/07 16:52:44 | 00,000,000 | ---D | M] -- C:\Program Files\Security Task Manager
[2009/10/23 00:07:34 | 00,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2004/10/27 14:04:13 | 00,000,000 | ---D | M] -- C:\Program Files\STOPzilla!
[2004/11/18 09:44:41 | 00,000,000 | ---D | M] -- C:\Program Files\StreamCast
[2008/10/19 14:28:48 | 00,000,000 | ---D | M] -- C:\Program Files\Sun
[2005/08/30 19:13:12 | 00,000,000 | ---D | M] -- C:\Program Files\Symantec
[2003/12/18 05:50:45 | 00,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2009/11/07 22:04:12 | 00,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2003/12/18 06:25:19 | 00,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2008/10/26 21:42:50 | 00,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2006/02/04 17:31:28 | 00,000,000 | ---D | M] -- C:\Program Files\Webroot
[2009/10/23 00:09:10 | 00,000,000 | ---D | M] -- C:\Program Files\Webshots
[2006/02/04 17:06:55 | 00,000,000 | ---D | M] -- C:\Program Files\WildTangent
[2009/11/07 18:43:17 | 00,000,000 | ---D | M] -- C:\Program Files\Winamp
[2006/02/04 17:29:54 | 00,000,000 | ---D | M] -- C:\Program Files\Windows FormatAd
[2009/10/23 00:09:18 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2009/10/23 00:42:14 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2009/10/23 00:10:01 | 00,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2005/05/04 23:52:53 | 00,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2005/04/07 16:35:43 | 00,000,000 | ---D | M] -- C:\Program Files\WinMX
[2003/12/18 05:43:53 | 00,000,000 | ---D | M] -- C:\Program Files\xerox
[2005/02/15 20:21:40 | 00,000,000 | ---D | M] -- C:\Program Files\XML
[2006/04/22 16:54:05 | 00,000,000 | ---D | M] -- C:\Program Files\Yahoo!

========== Alternate Data Streams ==========

@Alternate Data Stream - 2628 bytes -> C:\WINDOWS\System32\OEMLOGO.BMP:Q30lsldxJoudresxA aaqpcawXc
< End of report >

Pancake · 11-08-2009

You will need to download ComboFix.exe. Download Combofix from any of the links below. You must rename it before saving it. Name it ComFx, and Save it to your desktop.

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe

* IMPORTANT !!! Save ComboFix.exe to your Desktop
It is important that it is saved and renamed following this process directly to your desktop**

========================================
Please copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.
It's IMPORTANT to carry out the instructions in the sequence listed below.
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Open *notepad* and copy/paste the red text in the quotebox below into it:

File::
Folder::
C:\WINDOWS\System32\nsvsvc
C:\WINDOWS\System32\picsvr
C:\Program Files\Viewpoint
Registry::
DDS::

Save this as CFScript.txt, in the same location as ComboFix.exe which is on the Desktop.

Refering to the picture above, drag CFScript.txt into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt
Please copy and paste the ComboFix.txt in your next reply please.

*Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.Altering this script in any way could damage your computer*

11-08-2009	#1
jackbuttmommys Bronze Member Join Date: Oct 2009 Posts: 10 PC Experience: PC Illiterate	Problem's with my mother's PC. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:05:05 PM, on 11/7/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\FastNetSrv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Network Associates\VirusScan\vstskmgr.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\System32\bcmwltry.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Mirar R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = eMachines Official Site: Home R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = AOL.com - Welcome to AOL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = .local R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll R3 - URLSearchHook: (no name) - {03402f96-3dc7-4285-bc50-9e81fefafe43} - (no file) R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O3 - Toolbar: Star - {024E9230-8808-4CEC-BE9D-C6273AF2A9E9} - C:\WINDOWS\system32\8d78.dll (file missing) O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Documents and Settings\Laura\Desktop\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [Nsv] C:\WINDOWS\System32\nsvsvc\nsvsvc.exe O4 - HKCU\..\Run: [picsvr] C:\WINDOWS\System32\picsvr\picsvr.exe O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM7\aim.exe" /d locale=en-US O4 - Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1125363955750 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: fastnetsrv Service (fastnetsrv) - Netopsystems A - C:\WINDOWS\system32\FastNetSrv.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\WINDOWS\System32\HPZipm12.exe (file missing) O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe -- End of file - 8492 bytes

11-08-2009	#2
jackbuttmommys Bronze Member Join Date: Oct 2009 Posts: 10 PC Experience: PC Illiterate	Re: Problem's with my mother's PC. OTL logfile created on: 11/8/2009 12:01:50 AM - Run 2 OTL by OldTimer - Version 3.1.4.0 Folder = C:\Documents and Settings\Laura\My Documents\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 \| Country: United States \| Language: ENU \| Date Format: M/d/yyyy 510.48 Mb Total Physical Memory \| 190.11 Mb Available Physical Memory \| 37.24% Memory free 1.22 Gb Paging File \| 0.90 Gb Available in Paging File \| 73.81% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 74.53 Gb Total Space \| 56.49 Gb Free Space \| 75.80% Space Free \| Partition Type: NTFS Drive D: \| 2.87 Gb Total Space \| 0.00 Gb Free Space \| 0.00% Space Free \| Partition Type: UDF E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: YOUR-E7NDL1JV3J Current User Name: Laura Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Laura\My Documents\Downloads\OTL(2).exe (OldTimer Tools) PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe (Adobe Systems Incorporated) PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) PRC - C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation) PRC - C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (Viewpoint Corporation) PRC - C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (Viewpoint Corporation) PRC - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe (Network Associates, Inc.) PRC - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe (Network Associates, Inc.) PRC - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe (Network Associates, Inc.) PRC - C:\WINDOWS\system32\ati2evxx.exe () PRC - C:\WINDOWS\system32\BCMWLTRY.EXE (Motorola Inc.) PRC - C:\WINDOWS\system32\WLTRYSVC.EXE () PRC - C:\WINDOWS\system32\slserv.exe ( ) PRC - C:\Program Files\Common Files\AOL\ACS\acsd.exe (America Online, Inc.) PRC - C:\WINDOWS\system32\opeia.exe (Andreas Hausladen) PRC - C:\WINDOWS\system32\FastNetSrv.exe (Netopsystems AG) PRC - C:\WINDOWS\wanmpsvc.exe (America Online, Inc.) PRC - C:\WINDOWS\system32\MsPMSPSv.exe (Microsoft Corporation) PRC - C:\WINDOWS\system32\MsPMSPSv.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Laura\My Documents\Downloads\OTL(2).exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\wbem\framedyn.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Pml Driver HPZ12) -- File not found SRV - (avg8wd) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (iPod Service) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) SRV - (FontCache3.0.0.0) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\Presen tationFontCache.exe (Microsoft Corporation) SRV - (idsvc) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation) SRV - (NetTcpPortSharing) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe (Microsoft Corporation) SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspn et_state.exe (Microsoft Corporation) SRV - (helpsvc) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation) SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation) SRV - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation) SRV - (McTaskManager) -- C:\Program Files\Network Associates\VirusScan\vstskmgr.exe (Network Associates, Inc.) SRV - (McAfeeFramework) -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe (Network Associates, Inc.) SRV - (Ati HotKey Poller) -- C:\WINDOWS\system32\ati2evxx.exe () SRV - (WLTRYSVC) -- C:\WINDOWS\System32\wltrysvc.exe () SRV - (SLService) -- C:\WINDOWS\System32\slserv.exe ( ) SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\acsd.exe (America Online, Inc.) SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (fastnetsrv) -- C:\WINDOWS\system32\FastNetSrv.exe (Netopsystems AG) SRV - (BtwSrv) -- C:\WINDOWS\system32\BtwSrv.dll (FTD2XX Software Technology) SRV - (WANMiniportService) -- C:\WINDOWS\wanmpsvc.exe (America Online, Inc.) SRV - (WMDM PMSP Service) -- C:\WINDOWS\system32\MsPMSPSv.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.) DRV - (GEARAspiWDM) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV - (atapi) -- C:\WINDOWS\System32\DRIVERS\atapi.sys () DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV - (MDC8021X) -- C:\WINDOWS\system32\drivers\mdc8021x.sys (Meetinghouse Data Communications) DRV - (FETND5BV) -- C:\WINDOWS\system32\drivers\fetnd5bv.sys (VIA Technologies, Inc. ) DRV - (NaiAvFilter1) -- C:\WINDOWS\system32\drivers\naiavf5x.sys (Network Associates, Inc.) DRV - (NaiAvTdi1) -- C:\WINDOWS\system32\drivers\mvstdi5x.sys (Network Associates, Inc.) DRV - (RecAgent) -- C:\WINDOWS\system32\drivers\recagent.sys (Smart Link) DRV - (HPZius12) -- C:\WINDOWS\system32\drivers\HPZius12.sys (HP) DRV - (HPZid412) -- C:\WINDOWS\system32\drivers\hpzid412.sys (HP) DRV - (HPZipr12) -- C:\WINDOWS\system32\drivers\HPZipr12.sys (HP) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (ASCTRM) -- C:\WINDOWS\system32\drivers\asctrm.sys (Windows (R) 2000 DDK provider) DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.) DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura Ltd) DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices) DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.) DRV - (LSWPCv4) -- C:\WINDOWS\system32\drivers\rtl8180.sys (Realtek Semiconductor Corporation ) DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation) DRV - (Mtlstrm) -- C:\WINDOWS\system32\drivers\mtlstrm.sys ( ) DRV - (SlNtHal) -- C:\WINDOWS\system32\drivers\slnthal.sys ( ) DRV - (Slntamr) -- C:\WINDOWS\system32\drivers\slntamr.sys ( ) DRV - (NtMtlFax) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys ( ) DRV - (Mtlmnt5) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys ( ) DRV - (SlWdmSup) -- C:\WINDOWS\system32\drivers\slwdmsup.sys (Vireo Software) DRV - (FETNDISB) -- C:\WINDOWS\system32\drivers\fetnd5b.sys (VIA Technologies, Inc. ) DRV - (NTSIM) -- C:\WINDOWS\system32\ntsim.sys (VIA Networking, Inc. ) DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.) DRV - (wanatw) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.) DRV - (viaagp1) -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = Bing IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Assistant = http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchasst.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Bing IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = eMachines Official Site: Home IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\CNNSI, = search.sportsillustrated.cnn.com/pages/search.jsp?query=%s IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Dictionary, = dictionary.reference.com/search?q=%s IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Google, = google.com/search?q=%s IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleGroups, = groups-beta.google.com/groups?q=%s IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleImages, = images.google.com/images?hl=en&lr=&q=%s IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleNews, = news.google.com/news?tab=gn&hl=en&ie=UTF-8&q=%s&btnG=Search+News IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\KB, = support.microsoft.com/search/default.aspx?query=%s IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\KBDLL, = support.microsoft.com/dllhelp/default.aspx?dlltype=file&l=55&alpha=%s&S=1 IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Movies, = fandango.com/my_box_office.asp?searchby=2&txtCityZip=%s IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSN, = search.msn.com/results.asp?q=%s IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Thesaurus, = thesaurus.reference.com/search?q=%s IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Weather, = weather.com/weather/local/%s IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Yahoo, = search.yahoo.com/search?p=%s IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyOverride" = .local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AIM Search" FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.aol.com/?src=aim&ncid=snsusaimc00000001" FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.5.1 FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.424 FF - prefs.js..extensions.enabledItems: avg@igeared:2.609.002.003 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4 FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=" FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\: FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\Components: C:\Program Files\Common Files\csshare\plugins0942 [2009/11/02 01:56:01 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\Plugins: C:\Program Files\Common Files\csshare\plugins0942 [2009/11/02 01:56:01 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5 b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/11/03 11:51:38 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igea red: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2009/10/15 14:33:09 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Firefox\Extensions\\{20a8264 5-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/10/21 07:27:05 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/07 02:54:24 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/07 02:54:24 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Netscape 6 6.2.1\Extensions\\Components: C:\Program Files\Netscape\Netscape 6\Components [2009/10/15 19:46:37 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Netscape 6 6.2.1\Extensions\\Plugins: C:\Program Files\Netscape\Netscape 6\Plugins [2009/11/02 01:56:01 \| 00,000,000 \| ---D \| M] [2008/10/17 22:33:12 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Laura\Application Data\Mozilla\Extensions [2008/10/17 22:33:12 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Laura\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/11/07 01:26:32 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Laura\Application Data\Mozilla\Firefox\Profiles\jsyfhrre.default\ext ensions [2009/10/21 16:43:29 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Laura\Application Data\Mozilla\Firefox\Profiles\jsyfhrre.default\ext ensions\{20a82645-c095-46ed-80e3-08825760534b} [2009/11/07 01:26:24 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Laura\Application Data\Mozilla\Firefox\Profiles\jsyfhrre.default\ext ensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2009/10/22 23:18:45 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Laura\Application Data\Mozilla\Firefox\Profiles\jsyfhrre.default\ext ensions\{c2f863cd-0429-48c7-bb54-db756a951760} [2009/10/13 22:26:11 \| 00,004,207 \| ---- \| M] () -- C:\Documents and Settings\Laura\Application Data\Mozilla\Firefox\Profiles\jsyfhrre.default\sea rchplugins\aim-search-1.xml [2009/10/22 23:18:50 \| 00,004,546 \| ---- \| M] () -- C:\Documents and Settings\Laura\Application Data\Mozilla\Firefox\Profiles\jsyfhrre.default\sea rchplugins\aim-search-2.xml [2008/11/02 01:53:33 \| 00,001,769 \| ---- \| M] () -- C:\Documents and Settings\Laura\Application Data\Mozilla\Firefox\Profiles\jsyfhrre.default\sea rchplugins\aim-search.xml [2009/11/07 01:26:32 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions [2009/11/07 02:54:24 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2008/10/19 14:28:24 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [2009/11/07 02:53:37 \| 00,023,544 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll [2009/11/07 02:53:37 \| 00,137,208 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll [2007/04/10 16:21:08 \| 00,163,256 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll [2006/02/07 15:41:38 \| 00,049,152 \| ---- \| M] (Macromedia, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll [2009/07/07 16:20:42 \| 00,061,440 \| ---- \| M] (AOL LLC) -- C:\Program Files\Mozilla Firefox\plugins\npdnu.dll [2009/07/07 16:20:42 \| 00,065,536 \| ---- \| M] (AOL LLC) -- C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll [2009/11/07 02:54:01 \| 00,065,016 \| ---- \| M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll [2007/03/22 18:23:30 \| 00,017,248 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL [2009/02/27 13:13:42 \| 00,103,792 \| ---- \| M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll [2009/10/15 19:46:32 \| 00,159,744 \| ---- \| M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll [2009/10/15 19:46:33 \| 00,159,744 \| ---- \| M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll [2009/10/15 19:46:33 \| 00,159,744 \| ---- \| M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll [2009/10/15 19:46:34 \| 00,159,744 \| ---- \| M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll [2009/10/15 19:46:34 \| 00,159,744 \| ---- \| M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll [2009/10/15 19:46:34 \| 00,159,744 \| ---- \| M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll [2009/10/15 19:46:34 \| 00,159,744 \| ---- \| M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll [2005/08/09 13:42:53 \| 00,057,344 \| ---- \| M] (America Online, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll [2007/04/16 12:07:12 \| 00,180,293 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll [2009/11/07 02:54:08 \| 00,001,394 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml [2009/11/07 02:54:09 \| 00,002,193 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml [2009/08/03 20:53:53 \| 00,001,489 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\avg_igeared.xml [2009/11/07 02:54:09 \| 00,001,534 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml [2009/11/07 02:54:09 \| 00,002,344 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml [2009/11/07 02:54:09 \| 00,002,371 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml [2009/10/22 20:42:29 \| 00,001,210 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\search.xml [2009/11/07 02:54:10 \| 00,001,178 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml [2009/11/07 02:54:10 \| 00,000,792 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml O1 HOSTS File: (1164 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 Igetnet.com O1 - Hosts: 127.0.0.1 code.ignphrases.com O1 - Hosts: 127.0.0.1 clear-search.com O1 - Hosts: 127.0.0.1 r1.clrsch.com O1 - Hosts: 127.0.0.1 sds.clrsch.com O1 - Hosts: 127.0.0.1 status.clrsch.com O1 - Hosts: 127.0.0.1 www.clrsch.com O1 - Hosts: 127.0.0.1 clr-sch.com O1 - Hosts: 127.0.0.1 sds-qckads.com O1 - Hosts: 127.0.0.1 status.qckads.com O1 - Hosts: 127.0.0.1 status.qckads.com O1 - Hosts: 127.0.0.1 status.qckads.com O1 - Hosts: 127.0.0.1 status.qckads.com O1 - Hosts: 127.0.0.1 status.qckads.com O1 - Hosts: 127.0.0.1 status.qckads.com O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.) O3 - HKLM\..\Toolbar: (Star) - {024E9230-8808-4CEC-BE9D-C6273AF2A9E9} - C:\WINDOWS\System32\8d78.dll File not found O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Star) - {024E9230-8808-4CEC-BE9D-C6273AF2A9E9} - C:\WINDOWS\System32\8d78.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (AIM Search) - {40D41A8B-D79B-43D7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Documents and Settings\Laura\Desktop\Malwarebytes' Anti-Malware\mbam.exe File not found O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [UserFaultCheck] File not found O4 - HKCU..\Run: [Aim] C:\Program Files\AIM7\aim.exe (AOL LLC) O4 - HKCU..\Run: [Nsv] C:\WINDOWS\System32\nsvsvc\nsvsvc.exe File not found O4 - HKCU..\Run: [picsvr] C:\WINDOWS\System32\picsvr\picsvr.exe File not found O4 - Startup: C:\Documents and Settings\Laura\Start Menu\Programs\Startup\Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: undockwithoutlogon = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 91 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoSaveSettings = 0 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe (America Online, Inc.) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe File not found O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/downlo...22/wmv9VCM.CAB (Reg Error: Key error.) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsu...?1125363955750 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.co...AB?38167.48875 (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Java Plug-in 1.5.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub...sh/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.25.5.61 24.25.5.60 O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - Winlogon\Notify\WRNotifier: DllName - WRLogonNTF.dll - File not found O24 - Desktop Components:0 (My Current Home Page) - About:Home O27 - HKLM IFEO\brastk.exe: Debugger - svchost.exe (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/01/19 15:00:00 \| 00,000,043 \| R--- \| M] () - D:\autorun.inf -- [ UDF ] O33 - MountPoints2\{22f86a98-9c79-11de-9f19-00038a000015}\Shell - "" = AutoRun O33 - MountPoints2\{22f86a98-9c79-11de-9f19-00038a000015}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{22f86a99-9c79-11de-9f19-00038a000015}\Shell - "" = AutoRun O33 - MountPoints2\{22f86a99-9c79-11de-9f19-00038a000015}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: () - File not found O34 - HKLM BootExecute: (SsiEfr.ex) - File not found O34 - HKLM BootExecute: (otExecute) - File not found O34 - HKLM BootExecute: (settings...) - File not found O34 - HKLM BootExecute: (on\Exp) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found

11-08-2009	#3
jackbuttmommys Bronze Member Join Date: Oct 2009 Posts: 10 PC Experience: PC Illiterate	Re: Problem's with my mother's PC. NetSvcs: BtwSrv - C:\WINDOWS\system32\BtwSrv.dll (FTD2XX Software Technology) NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2003/12/18 05:43:11 \| 00,000,000 \| ---D \| M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation) NetSvcs: Ip6FwHlp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BigFix.lnk - C:\Program Files\BigFix\BigFix.exe - (BigFix Inc.) MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.) MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MyTotalSearch Email Plugin.lnk - C:\Program Files\MyTotalSearch\bar\1.bin\MTSOEMON.EXE - (MyTotalSearch.com) MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk - Reg Error: Value error. - File not found MsConfig - StartUpFolder: C:^Documents and Settings^User^Start Menu^Programs^Startup^MyTotalSearch Email Plugin.lnk - C:\Program Files\MyTotalSearch\bar\1.bin\MTSOEMON.EXE - (MyTotalSearch.com) MsConfig - StartUpReg: 180ax - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: AIM - hkey= - key= - C:\PROGRA~1\aim\aim.exe -cnetwait.odl File not found MsConfig - StartUpReg: app - hkey= - key= - File not found MsConfig - StartUpReg: aqadcup - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: ATIModeChange - hkey= - key= - File not found MsConfig - StartUpReg: ATIPTA - hkey= - key= - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe File not found MsConfig - StartUpReg: Create A Monster - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: Dmupoi - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: EbatesMoeMoneyMaker0 - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: ErrorGuard - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: exp.exe - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: fash - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: FlashIcon - hkey= - key= - C:\Program Files\Generic\USB Card Reader Driver v2.2e\FlashIcon.EXE File not found MsConfig - StartUpReg: HP Component Manager - hkey= - key= - C:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company) MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard) MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig - StartUpReg: Jawa32 - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: KernelFaultCheck - hkey= - key= - File not found MsConfig - StartUpReg: kvern16.dll - hkey= - key= - File not found MsConfig - StartUpReg: loads.exe - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: McAfeeUpdaterUI - hkey= - key= - C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe File not found MsConfig - StartUpReg: me69N - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: mediamotor.exe - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe File not found MsConfig - StartUpReg: MyTotalSearch Email Plugin - hkey= - key= - C:\Program Files\MyTotalSearch\bar\1.bin\MTSOEMON.EXE (MyTotalSearch.com) MsConfig - StartUpReg: NaviSearch - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: pgtaff - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: pmr - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: prvtect - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe File not found MsConfig - StartUpReg: r7oX33V - hkey= - key= - File not found MsConfig - StartUpReg: RealTray - hkey= - key= - C:\Program Files\Real\RealPlayer\RealPlay.exe File not found MsConfig - StartUpReg: RoxioAudioCentral - hkey= - key= - C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe File not found MsConfig - StartUpReg: RoxioDragToDisc - hkey= - key= - C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe File not found MsConfig - StartUpReg: RoxioEngineUtility - hkey= - key= - C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe File not found MsConfig - StartUpReg: Rxagik - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: ShStatEXE - hkey= - key= - C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE File not found MsConfig - StartUpReg: sixtysix - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: STOPzilla - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: SurfSideKick 2 - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) MsConfig - StartUpReg: SynTPLpr - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) MsConfig - StartUpReg: Tsa - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: vernn16.dll - hkey= - key= - File not found MsConfig - StartUpReg: ViewMgr - hkey= - key= - C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (Viewpoint Corporation) MsConfig - StartUpReg: VVSN - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: Windows AdControl - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: WinTask driver - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: winupdtl - hkey= - key= - Reg Error: Value error. File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation) SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation) SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: UploadMgr - Service SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player ActiveX: {057997dd-71e4-43cc-b161-3f8180691a9e} - Q824145 ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML) ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Macromedia Shockwave Director 10.1.1 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1.1 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {2cc9d512-6db6-4f1c-8979-9a41fae88de0} - Q837009 ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java ActiveX: {377483c2-e4b4-4ee8-b577-9aed264c8735} - Q822925 ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser .NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {795d0712-722c-43ec-906a-fc5e678eada9} - Q831167 ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {abcdf74f-9a64-4e6e-b8eb-6e5a41de6550} - ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297) ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894 ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994 ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSe tup SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ActiveX: Microsoft Base Smart Card Crypto Provider Package - Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.msg723 - msg723.acm File not found Drivers32: msacm.sl_anet - sl_anet.acm File not found Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.LEAD - LCODCCMP.DLL File not found Drivers32: vidc.wmv3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation) ========== Files/Folders - Created Within 30 Days ========== [2009/11/07 22:04:12 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Trend Micro [2009/11/07 19:24:40 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\Performance [2009/11/07 19:23:24 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Corporation [2009/11/07 19:22:48 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Microsoft Windows Vista Upgrade Advisor [2009/11/07 03:10:27 \| 00,000,000 \| -H-D \| C] -- C:\WINDOWS\ie8 [2009/11/07 02:56:44 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Laura\My Documents\Downloads [2009/11/02 23:43:15 \| 00,033,280 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rundll32.exe [2009/11/02 23:43:15 \| 00,033,280 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rundll32.exe [2009/11/02 01:59:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Laura\Local Settings\Application Data\Adobe [2009/11/02 01:54:29 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Adobe [2009/11/02 01:50:48 \| 27,386,280 \| ---- \| C] ( ) -- C:\Documents and Settings\Laura\Desktop\AdbeRdr920_en_US(2).exe [2009/11/02 01:49:08 \| 27,386,280 \| ---- \| C] ( ) -- C:\Documents and Settings\Laura\Desktop\AdbeRdr920_en_US.exe [2009/10/28 00:09:08 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Laura\Application Data\U3 [2009/10/22 23:08:21 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Software Update Utility [2009/10/22 23:07:45 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\AIM [2009/10/22 23:07:17 \| 00,000,000 \| ---D \| C] -- C:\Program Files\AIM7 [2009/10/22 22:01:47 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Laura\Local Settings\Application Data\AVG Security Toolbar [2009/10/22 21:11:47 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Laura\Application Data\Malwarebytes [2009/10/22 21:11:34 \| 00,038,224 \| ---- \| C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009/10/22 21:11:32 \| 00,019,160 \| ---- \| C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2009/10/22 21:11:32 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2009/10/22 21:05:45 \| 03,550,592 \| ---- \| C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Laura\Desktop\procexp.exe [2009/10/22 19:39:44 \| 00,000,000 \| -HSD \| C] -- C:\Documents and Settings\All Users\Application Data\24bb5 [2009/10/20 18:37:04 \| 00,000,000 \| -HSD \| C] -- C:\Documents and Settings\Laura\IECompatCache [2009/10/19 20:00:04 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\XPSViewer [2009/10/19 19:59:48 \| 00,000,000 \| ---D \| C] -- C:\Program Files\MSBuild [2009/10/19 19:59:26 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Reference Assemblies [2009/10/19 19:58:06 \| 00,117,760 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll [2009/10/19 19:58:05 \| 00,597,504 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesv c.exe [2009/10/19 19:58:05 \| 00,575,488 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll [2009/10/19 19:58:05 \| 00,575,488 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll [2009/10/19 19:58:05 \| 00,089,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintpr oc.dll [2009/10/19 19:58:04 \| 01,676,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll [2009/10/19 19:58:04 \| 01,676,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll [2009/10/19 19:58:02 \| 00,000,000 \| ---D \| C] -- C:\859a169f865c6af65e3a2699dc50 [2009/10/18 12:45:53 \| 00,000,000 \| -HSD \| C] -- C:\Documents and Settings\Laura\PrivacIE [2009/10/18 12:37:48 \| 00,000,000 \| -HSD \| C] -- C:\Documents and Settings\Laura\IETldCache [2009/10/17 22:14:38 \| 00,012,800 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll [2009/10/17 22:14:32 \| 00,246,272 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll [2009/10/17 22:14:22 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\ie8updates [2009/10/17 22:13:51 \| 00,092,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll [2009/10/17 22:07:31 \| 00,013,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedssync.exe [2009/10/15 19:49:28 \| 00,000,000 \| ---D \| C] -- C:\Program Files\iPod [2009/10/15 19:49:03 \| 00,000,000 \| ---D \| C] -- C:\Program Files\iTunes [2009/10/15 19:49:03 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009/10/15 19:47:19 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Bonjour [2009/10/15 19:45:26 \| 00,000,000 \| ---D \| C] -- C:\Program Files\QuickTime [2009/10/15 12:06:40 \| 01,315,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll [2009/10/15 12:02:21 \| 00,153,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll [2009/10/15 12:02:17 \| 00,128,512 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx [2009/10/15 11:41:44 \| 00,215,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\muweb.dll [2009/10/15 11:41:44 \| 00,016,736 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui [2009/10/15 11:41:43 \| 00,274,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll [2009/10/14 23:30:55 \| 00,000,000 \| ---D \| C] -- C:\Program Files\AIM Toolbar [2009/10/14 21:45:40 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Microsoft Silverlight [2009/10/13 22:25:26 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Laura\Local Settings\Application Data\AIM [2009/10/13 22:24:06 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\AIM Toolbar [2009/10/13 22:24:04 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Laura\Local Settings\Application Data\AIM Toolbar [2009/10/13 22:23:43 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\acccore [2003/12/18 05:52:33 \| 00,014,976 \| ---- \| C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys [2003/12/17 12:30:48 \| 01,301,704 \| ---- \| C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2003/12/17 12:30:48 \| 00,548,888 \| ---- \| C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys [2003/12/17 12:30:48 \| 00,221,736 \| ---- \| C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [2003/12/17 12:30:48 \| 00,167,352 \| ---- \| C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [2003/12/17 12:30:48 \| 00,086,512 \| ---- \| C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys [4 C:\WINDOWS\.tmp files -> C:\WINDOWS\.tmp -> ] [2 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ] [1 C:\Documents and Settings\Laura\.tmp files -> C:\Documents and Settings\Laura\.tmp -> ] ========== Files - Modified Within 30 Days ========== [2009/11/08 00:09:00 \| 00,000,364 \| ---- \| M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job [2009/11/07 23:59:26 \| 00,001,170 \| ---- \| M] () -- C:\WINDOWS\System32\wpa.dbl [2009/11/07 23:49:32 \| 00,000,006 \| -H-- \| M] () -- C:\WINDOWS\tasks\SA.DAT [2009/11/07 23:49:27 \| 00,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2009/11/07 23:49:24 \| 53,535,1296 \| -HS- \| M] () -- C:\hiberfil.sys [2009/11/07 22:04:17 \| 04,718,592 \| ---- \| M] () -- C:\Documents and Settings\Laura\NTUser.dat [2009/11/07 22:04:14 \| 00,001,734 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\HijackThis.lnk [2009/11/07 19:38:09 \| 00,001,905 \| ---- \| M] () -- C:\WINDOWS\diagwrn.xml [2009/11/07 19:38:09 \| 00,001,905 \| ---- \| M] () -- C:\WINDOWS\diagerr.xml [2009/11/07 19:23:19 \| 00,063,104 \| ---- \| M] () -- C:\Documents and Settings\Laura\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2009/11/07 19:22:52 \| 00,001,976 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\Windows Vista Upgrade Advisor.lnk [2009/11/07 18:57:13 \| 00,006,078 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\1257638023544s.jpg [2009/11/07 16:06:04 \| 00,000,278 \| -HS- \| M] () -- C:\Documents and Settings\Laura\ntuser.ini [2009/11/07 14:36:51 \| 00,000,422 \| -H-- \| M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{32491F5F-B34F-4F29-8F8F-9AB8B01E7AFC}.job [2009/11/07 14:34:11 \| 00,000,512 \| ---- \| M] () -- C:\WINDOWS\randseed.rnd [2009/11/07 14:31:09 \| 00,086,275 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg [2009/11/07 14:31:08 \| 44,777,068 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2009/11/07 03:54:15 \| 00,001,374 \| ---- \| M] () -- C:\WINDOWS\imsins.BAK [2009/11/07 03:53:13 \| 03,768,008 \| -H-- \| M] () -- C:\Documents and Settings\Laura\Local Settings\Application Data\IconCache.db [2009/11/04 22:58:14 \| 00,030,769 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\14261_1173012771648_1417890 480_30630720_7234912_n.jpg [2009/11/04 22:58:09 \| 00,024,736 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\14261_1173012731647_1417890 480_30630719_1178678_n.jpg [2009/11/04 02:49:51 \| 00,202,201 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\1257320524962.jpg [2009/11/02 23:43:16 \| 00,033,280 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\rundll32.exe [2009/11/02 23:43:16 \| 00,033,280 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rundll32.exe [2009/11/02 02:31:38 \| 00,003,658 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\1257147131051s.jpg [2009/11/02 02:31:30 \| 00,002,503 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\1257147093187s.jpg [2009/11/02 02:30:31 \| 00,006,599 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\1257146138673s.jpg [2009/11/02 02:30:02 \| 00,010,263 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\1257146723994s.jpg [2009/11/02 02:28:13 \| 00,005,418 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\1257146626806s.jpg [2009/11/02 02:27:55 \| 00,006,405 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\1257146023003s.jpg [2009/11/02 02:26:49 \| 00,005,740 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\1257145966767s.jpg [2009/11/02 02:26:30 \| 00,105,153 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\1257146332836.png [2009/11/02 02:25:32 \| 00,006,040 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\1257145642844s.jpg [2009/11/02 02:25:11 \| 00,005,669 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\1257143544805s.jpg [2009/11/02 02:10:41 \| 00,007,963 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\1257145826006s.jpg [2009/11/02 01:56:08 \| 00,001,729 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [2009/11/02 01:51:06 \| 27,386,280 \| ---- \| M] ( ) -- C:\Documents and Settings\Laura\Desktop\AdbeRdr920_en_US(2).exe [2009/11/02 01:49:58 \| 27,386,280 \| ---- \| M] ( ) -- C:\Documents and Settings\Laura\Desktop\AdbeRdr920_en_US.exe [2009/11/02 00:39:55 \| 15,748,4384 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\OOo_3.1.1_Win32Intel_instal l_wJRE_en-US.exe [2009/11/02 00:19:29 \| 06,244,025 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\love20001.pdf [2009/11/01 23:31:23 \| 00,444,596 \| ---- \| M] () -- C:\WINDOWS\System32\perfh009.dat [2009/11/01 23:31:22 \| 00,525,770 \| ---- \| M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009/11/01 23:31:22 \| 00,072,306 \| ---- \| M] () -- C:\WINDOWS\System32\perfc009.dat [2009/11/01 03:26:36 \| 00,077,662 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\1257058580267.jpg [2009/10/30 00:28:28 \| 00,058,469 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\1256879777199.jpg [2009/10/29 12:59:47 \| 00,032,768 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\Personality Psychology Oct.doc [2009/10/28 23:55:42 \| 00,002,599 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\1256772981436s.jpg [2009/10/28 23:55:33 \| 00,005,306 \| ---- \| M] () -- C:\Documents and Settings\Laura\Desktop\1256771406985s.jpg [2009/10/22 23:08:08 \| 00,005,098 \| -H-- \| M] () -- C:\IPH.PH [2009/10/22 23:07:44 \| 00,001,587 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\AIM.lnk [2009/10/22 21:05:51 \| 03,550,592 \| ---- \| M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Laura\Desktop\procexp.exe [2009/10/22 20:41:52 \| 00,001,164 \| RHS- \| M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2009/10/22 04:19:04 \| 05,939,712 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll [2009/10/22 04:19:04 \| 05,939,712 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2009/10/20 07:55:07 \| 00,000,284 \| ---- \| M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2009/10/19 21:37:57 \| 00,237,552 \| ---- \| M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009/10/19 02:09:12 \| 00,001,048 \| ---- \| M] () -- C:\WINDOWS\win.ini [2009/10/15 19:50:51 \| 00,001,804 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2009/10/15 19:46:06 \| 00,001,604 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2009/10/15 19:22:02 \| 00,000,011 \| -H-- \| M] () -- C:\Documents and Settings\All Users\Documents\71F.VS7-ncn [2009/10/13 20:37:59 \| 00,492,629 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg [4 C:\WINDOWS\.tmp files -> C:\WINDOWS\.tmp -> ] [2 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ] [1 C:\Documents and Settings\Laura\.tmp files -> C:\Documents and Settings\Laura\.tmp -> ] ========== Files Created - No Company Name ========== [2009/11/07 22:04:14 \| 00,001,734 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\HijackThis.lnk [2009/11/07 19:22:52 \| 00,001,976 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\Windows Vista Upgrade Advisor.lnk [2009/11/07 19:21:16 \| 00,001,905 \| ---- \| C] () -- C:\WINDOWS\diagwrn.xml [2009/11/07 19:21:16 \| 00,001,905 \| ---- \| C] () -- C:\WINDOWS\diagerr.xml [2009/11/07 18:57:11 \| 00,006,078 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\1257638023544s.jpg [2009/11/04 22:58:13 \| 00,030,769 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\14261_1173012771648_1417890 480_30630720_7234912_n.jpg [2009/11/04 22:58:06 \| 00,024,736 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\14261_1173012731647_1417890 480_30630719_1178678_n.jpg [2009/11/04 02:49:47 \| 00,202,201 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\1257320524962.jpg [2009/11/02 02:31:38 \| 00,003,658 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\1257147131051s.jpg [2009/11/02 02:31:29 \| 00,002,503 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\1257147093187s.jpg [2009/11/02 02:30:30 \| 00,006,599 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\1257146138673s.jpg [2009/11/02 02:30:01 \| 00,010,263 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\1257146723994s.jpg [2009/11/02 02:28:12 \| 00,005,418 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\1257146626806s.jpg [2009/11/02 02:27:54 \| 00,006,405 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\1257146023003s.jpg [2009/11/02 02:26:49 \| 00,005,740 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\1257145966767s.jpg [2009/11/02 02:26:29 \| 00,105,153 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\1257146332836.png [2009/11/02 02:25:32 \| 00,006,040 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\1257145642844s.jpg [2009/11/02 02:25:10 \| 00,005,669 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\1257143544805s.jpg [2009/11/02 02:10:39 \| 00,007,963 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\1257145826006s.jpg [2009/11/02 01:56:08 \| 00,001,729 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [2009/11/02 00:23:30 \| 15,748,4384 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\OOo_3.1.1_Win32Intel_instal l_wJRE_en-US.exe [2009/11/02 00:19:20 \| 06,244,025 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\love20001.pdf [2009/11/01 03:26:26 \| 00,077,662 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\1257058580267.jpg [2009/10/30 00:28:27 \| 00,058,469 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\1256879777199.jpg [2009/10/29 12:54:13 \| 00,032,768 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\Personality Psychology Oct.doc [2009/10/28 23:55:41 \| 00,002,599 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\1256772981436s.jpg [2009/10/28 23:55:32 \| 00,005,306 \| ---- \| C] () -- C:\Documents and Settings\Laura\Desktop\1256771406985s.jpg [2009/10/22 23:07:44 \| 00,001,587 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\AIM.lnk [2009/10/20 18:37:01 \| 00,000,422 \| -H-- \| C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{32491F5F-B34F-4F29-8F8F-9AB8B01E7AFC}.job [2009/10/20 18:27:18 \| 01,089,593 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat [2009/10/15 19:50:51 \| 00,001,804 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2009/10/15 19:46:05 \| 00,001,604 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2009/10/15 19:22:02 \| 00,000,011 \| -H-- \| C] () -- C:\Documents and Settings\All Users\Documents\71F.VS7-ncn [2008/10/26 21:05:32 \| 00,000,029 \| ---- \| C] () -- C:\WINDOWS\atid.ini [2006/06/29 13:58:52 \| 00,030,808 \| ---- \| C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont [2006/06/29 13:53:56 \| 00,026,489 \| ---- \| C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont [2006/04/18 14:39:28 \| 00,029,779 \| ---- \| C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont [2006/04/18 14:39:28 \| 00,026,040 \| ---- \| C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont [2006/02/04 17:31:33 \| 00,684,032 \| ---- \| C] () -- C:\WINDOWS\libeay32.dll [2006/02/04 17:31:33 \| 00,155,648 \| ---- \| C] () -- C:\WINDOWS\ssleay32.dll [2005/06/10 09:35:01 \| 00,011,264 \| ---- \| C] () -- C:\Documents and Settings\Laura\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2005/04/07 15:26:46 \| 00,000,128 \| ---- \| C] () -- C:\Documents and Settings\Laura\Local Settings\Application Data\fusioncache.dat [2005/04/04 17:27:04 \| 00,063,104 \| ---- \| C] () -- C:\Documents and Settings\Laura\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2005/04/03 20:10:25 \| 00,000,062 \| -HS- \| C] () -- C:\Documents and Settings\Laura\Application Data\desktop.ini [2005/04/03 20:10:24 \| 03,768,008 \| -H-- \| C] () -- C:\Documents and Settings\Laura\Local Settings\Application Data\IconCache.db [2005/02/11 03:35:37 \| 00,000,340 \| ---- \| C] () -- C:\WINDOWS\usta33.ini [2005/02/10 19:25:22 \| 00,000,076 \| ---- \| C] () -- C:\WINDOWS\wininit.ini [2004/12/29 23:26:45 \| 00,147,456 \| ---- \| C] () -- C:\WINDOWS\System32\ssleay32.dll [2004/12/29 23:26:44 \| 00,651,264 \| ---- \| C] () -- C:\WINDOWS\System32\libeay32.dll [2004/11/24 17:20:32 \| 00,000,000 \| ---- \| C] () -- C:\WINDOWS\iPlayer.INI [2004/11/09 09:35:28 \| 00,000,039 \| ---- \| C] () -- C:\WINDOWS\wininit.ini_ [2004/11/01 17:42:54 \| 00,151,552 \| ---- \| C] () -- C:\WINDOWS\System32\cacore.dll [2004/10/23 16:39:44 \| 00,031,232 \| ---- \| C] () -- C:\WINDOWS\System32\zilla.dll [2004/10/23 08:37:26 \| 00,000,478 \| ---- \| C] () -- C:\WINDOWS\System32\sysfile.dll [2004/10/22 22:06:26 \| 00,005,030 \| ---- \| C] () -- C:\WINDOWS\Muahxzkb.ini [2004/10/22 21:42:30 \| 00,081,972 \| ---- \| C] () -- C:\WINDOWS\System32\zlib.dll [2004/10/20 17:37:29 \| 00,099,328 \| ---- \| C] () -- C:\WINDOWS\System32\lvwwv.dll [2004/10/05 20:12:17 \| 00,000,045 \| ---- \| C] () -- C:\WINDOWS\BGKJFLI.ini [2004/09/17 17:37:42 \| 00,061,440 \| ---- \| C] () -- C:\WINDOWS\System32\vuins32.dll [2004/09/13 11:58:01 \| 00,000,376 \| ---- \| C] () -- C:\WINDOWS\ODBC.INI [2004/08/25 17:58:20 \| 00,000,446 \| ---- \| C] () -- C:\WINDOWS\System32\MSrev23.dll [2004/08/25 17:58:18 \| 00,001,806 \| ---- \| C] () -- C:\WINDOWS\System32\MSrev43.dll [2004/08/25 17:57:44 \| 00,081,920 \| ---- \| C] () -- C:\WINDOWS\System32\xmltok.dll [2004/08/25 17:57:44 \| 00,053,248 \| ---- \| C] () -- C:\WINDOWS\System32\xmlparse.dll [2004/08/25 15:24:59 \| 00,001,129 \| ---- \| C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log [2004/02/26 01:18:04 \| 00,565,248 \| ---- \| C] () -- C:\WINDOWS\System32\hpotscl.dll [2004/02/20 20:27:46 \| 00,086,016 \| ---- \| C] () -- C:\WINDOWS\System32\ati2evxx.dll_ [2003/12/18 08:38:45 \| 00,000,061 \| ---- \| C] () -- C:\WINDOWS\smscfg.ini [2003/12/18 06:47:09 \| 00,000,132 \| ---- \| C] () -- C:\WINDOWS\winamp.ini [2003/12/18 06:46:18 \| 00,000,310 \| ---- \| C] () -- C:\WINDOWS\net2fone.ini [2003/12/18 06:26:09 \| 00,363,520 \| ---- \| C] () -- C:\WINDOWS\System32\psisdecd.dll [2003/12/18 05:54:33 \| 00,155,648 \| ---- \| C] () -- C:\WINDOWS\System32\RTLCPAPI.dll [2003/12/18 05:52:33 \| 00,475,136 \| ---- \| C] () -- C:\WINDOWS\System32\SLLights.dll [2003/12/18 05:52:33 \| 00,155,648 \| ---- \| C] () -- C:\WINDOWS\System32\amr_cpl.dll [2003/12/18 05:52:33 \| 00,135,168 \| ---- \| C] () -- C:\WINDOWS\System32\SLMOHServ.dll_ [2003/12/18 05:50:45 \| 00,077,824 \| ---- \| C] () -- C:\WINDOWS\System32\SynTPCoI.dll [2003/12/17 21:35:32 \| 00,000,062 \| -HS- \| C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini [2003/12/17 12:30:48 \| 00,188,416 \| ---- \| C] () -- C:\WINDOWS\System32\slextspk.dll [2003/12/17 12:30:48 \| 00,163,840 \| ---- \| C] () -- C:\WINDOWS\System32\SLGen.dll [2003/12/17 12:30:48 \| 00,049,152 \| ---- \| C] () -- C:\WINDOWS\System32\coinst.dll_ [2003/12/17 12:30:41 \| 00,001,094 \| ---- \| C] () -- C:\WINDOWS\System32\oeminfo.ini [2003/12/17 12:30:41 \| 00,000,465 \| ---- \| C] () -- C:\WINDOWS\System32\emver.ini [2003/12/17 12:30:15 \| 00,001,048 \| ---- \| C] () -- C:\WINDOWS\win.ini [2003/12/17 12:30:11 \| 00,000,227 \| ---- \| C] () -- C:\WINDOWS\system.ini [2003/10/08 12:34:26 \| 00,121,440 \| ---- \| C] () -- C:\WINDOWS\System32\MSDRMCtrl.dll [2003/09/24 21:32:13 \| 00,061,440 \| ---- \| C] () -- C:\WINDOWS\System32\FlashIcon.dll [2003/03/31 07:00:00 \| 00,000,008 \| ---- \| C] () -- C:\WINDOWS\System32\FInstall.sys [2003/01/07 14:05:08 \| 00,002,695 \| ---- \| C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002/08/28 20:27:50 \| 00,096,512 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\atapi.sys ========== LOP Check ========== [2009/10/22 21:35:18 \| 00,000,000 \| -HSD \| M] -- C:\Documents and Settings\All Users\Application Data\24bb5 [2009/10/13 22:23:43 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\acccore [2009/10/22 23:07:45 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\AIM [2009/10/13 22:24:06 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\AIM Toolbar [2005/08/30 19:23:02 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Network Associates [2004/10/24 15:10:49 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan [2009/10/14 23:30:12 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint [2009/10/15 19:50:32 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2008/10/26 21:12:46 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Laura\Application Data\acccore [2005/04/03 20:52:55 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Laura\Application Data\Aim [2003/12/18 06:27:10 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Laura\Application Data\InterTrust [2005/04/27 18:05:14 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Laura\Application Data\Webshots [2003/03/31 07:00:00 \| 00,000,065 \| RH-- \| M] () -- C:\WINDOWS\Tasks\desktop.ini [2009/11/07 23:49:32 \| 00,000,006 \| -H-- \| M] () -- C:\WINDOWS\Tasks\SA.DAT [2009/11/07 14:36:51 \| 00,000,422 \| -H-- \| M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{32491F5F-B34F-4F29-8F8F-9AB8B01E7AFC}.job ========== Purity Check ========== ========== Custom Scans ========== < > < %systemroot%\System32\antiwpa.dll > < %systemroot%\SYSTEM32\wpa.dll > < %systemroot%\setup\scripts\biestart.exe > < %systemroot%\system32\drivers\royal.sys > < %systemroot%\system32\oobe\AntiWPA_Crypt.dll > < %TEMP%\antiwpa_crypt.dll > < %TEMP%\antiwpa.dll /s > < %PROGRAMFILES%\antiwpa.dll /s > < %systemroot%\system32\crypt.dll > < %TEMP%\crypt.dll > < %SYSTEMDRIVE%\. > [2009/11/07 22:25:55 \| 00,000,000 \| -H-D \| M] -- C:\$AVG8.VAULT$ [2009/10/19 19:59:05 \| 00,000,000 \| ---D \| M] -- C:\859a169f865c6af65e3a2699dc50 [2004/03/08 21:51:06 \| 00,000,000 \| -H-D \| M] -- C:\bundle [2009/07/26 19:50:38 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings [2004/02/28 02:47:25 \| 00,000,000 \| ---D \| M] -- C:\Drivers [2004/09/13 11:49:54 \| 00,000,000 \| RH-D \| M] -- C:\MSOCache [2005/08/30 19:21:03 \| 00,000,000 \| ---D \| M] -- C:\muvs8i [2003/12/18 06:41:14 \| 00,000,000 \| ---D \| M] -- C:\My Music [2009/11/07 22:04:12 \| 00,000,000 \| ---D \| M] -- C:\Program Files [2006/08/09 20:09:07 \| 00,000,000 \| -HSD \| M] -- C:\RECYCLER [2006/02/04 16:03:36 \| 00,000,000 \| -HSD \| M] -- C:\System Volume Information [2004/11/11 09:22:14 \| 00,000,000 \| ---D \| M] -- C:\vscan71 [2009/11/07 19:24:40 \| 00,000,000 \| ---D \| M] -- C:\WINDOWS < %SYSTEMDRIVE%\.* > [2004/08/25 04:20:36 \| 00,000,606 \| ---- \| M] () -- C:\aol.ini [2005/08/29 21:24:25 \| 00,000,211 \| RHS- \| M] () -- C:\boot.ini [2003/12/18 05:43:41 \| 00,000,000 \| RHS- \| M] () -- C:\CONFIG.SYS [2004/12/31 10:50:57 \| 00,000,055 \| ---- \| M] () -- C:\DVDPATH.TXT [2006/02/04 16:49:46 \| 00,002,421 \| ---- \| M] () -- C:\eradicate.txt [2001/09/05 21:00:58 \| 01,700,352 \| ---- \| M] (Microsoft Corporation) -- C:\gdiplus.dll [2009/11/07 23:49:24 \| 53,535,1296 \| -HS- \| M] () -- C:\hiberfil.sys [2003/12/18 05:43:41 \| 00,000,000 \| RHS- \| M] () -- C:\IO.SYS [2009/10/22 23:08:08 \| 00,005,098 \| -H-- \| M] () -- C:\IPH.PH [2005/10/04 19:33:55 \| 00,000,048 \| -HS- \| M] () -- C:\LSWMV.INI [2003/12/18 05:43:41 \| 00,000,000 \| RHS- \| M] () -- C:\MSDOS.SYS [2005/08/29 21:10:40 \| 00,047,564 \| RHS- \| M] () -- C:\NTDETECT.COM [2008/10/19 23:27:07 \| 00,250,048 \| RHS- \| M] () -- C:\ntldr [2009/11/07 23:49:22 \| 80,530,6368 \| -HS- \| M] () -- C:\pagefile.sys [2006/02/03 17:00:51 \| 00,003,267 \| ---- \| M] () -- C:\scan.txt [2004/12/15 12:11:33 \| 00,087,623 \| ---- \| M] () -- C:\tmp.txt < %PROGRAMFILES%\*. > [2009/11/02 01:52:33 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Adobe [2009/10/13 22:20:33 \| 00,000,000 \| ---D \| M] -- C:\Program Files\aim [2009/10/22 23:13:20 \| 00,000,000 \| ---D \| M] -- C:\Program Files\AIM Toolbar [2009/10/22 23:07:33 \| 00,000,000 \| ---D \| M] -- C:\Program Files\AIM7 [2009/10/22 23:03:45 \| 00,000,000 \| ---D \| M] -- C:\Program Files\America Online 9.0 [2005/04/03 20:52:14 \| 00,000,000 \| ---D \| M] -- C:\Program Files\AOD [2003/12/18 06:41:50 \| 00,000,000 \| ---D \| M] -- C:\Program Files\AOL Companion [2008/10/30 17:39:23 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Apple Software Update [2004/02/20 20:30:47 \| 00,000,000 \| ---D \| M] -- C:\Program Files\ATI Technologies [2009/08/03 20:48:11 \| 00,000,000 \| ---D \| M] -- C:\Program Files\AVG [2004/08/25 04:20:49 \| 00,000,000 \| ---D \| M] -- C:\Program Files\AWS [2003/12/18 06:33:11 \| 00,000,000 \| ---D \| M] -- C:\Program Files\BigFix [2009/10/15 19:47:22 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Bonjour [2005/08/21 19:11:21 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Cisco Systems [2009/08/17 09:58:58 \| 00,000,000 \| ---D \| M] -- C:\Program Files\CNS Vital Signs [2009/10/22 23:08:21 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Common Files [2003/12/18 05:41:11 \| 00,000,000 \| ---D \| M] -- C:\Program Files\ComPlus Applications [2009/10/22 23:18:11 \| 00,000,000 \| ---D \| M] -- C:\Program Files\CompuServe 7.0 [2004/02/20 20:01:16 \| 00,000,000 \| ---D \| M] -- C:\Program Files\CyberLink [2004/10/12 23:47:00 \| 00,000,000 \| ---D \| M] -- C:\Program Files\FunWebProducts-MyTotalSearch [2004/02/24 17:46:41 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Generic [2004/06/30 05:26:35 \| 00,000,000 \| ---D \| M] -- C:\Program Files\HighMAT CD Writing Wizard [2004/08/25 15:48:25 \| 00,000,000 \| ---D \| M] -- C:\Program Files\HP [2005/04/07 16:33:48 \| 00,000,000 \| ---D \| M] -- C:\Program Files\ICQ [2004/10/05 10:16:40 \| 00,000,000 \| -H-D \| M] -- C:\Program Files\InstallShield Installation Information [2004/11/24 15:48:25 \| 00,000,000 \| ---D \| M] -- C:\Program Files\InterActual [2009/11/07 03:16:21 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Internet Explorer [2009/10/15 19:49:28 \| 00,000,000 \| ---D \| M] -- C:\Program Files\iPod [2009/10/22 23:35:36 \| 00,000,000 \| ---D \| M] -- C:\Program Files\IrfanView [2009/10/15 19:50:32 \| 00,000,000 \| ---D \| M] -- C:\Program Files\iTunes [2008/10/19 14:28:21 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Java [2003/12/18 06:43:58 \| 00,000,000 \| ---D \| M] -- C:\Program Files\JavaSoft [2009/10/15 19:23:59 \| 00,000,000 \| ---D \| M] -- C:\Program Files\LimeWire [2009/10/22 21:45:34 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Messenger [2004/09/13 11:56:45 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Microsoft ActiveSync [2003/12/18 05:43:53 \| 00,000,000 \| ---D \| M] -- C:\Program Files\microsoft frontpage [2003/12/18 06:34:53 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Microsoft Money [2004/09/13 11:56:05 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Microsoft Office [2009/10/22 23:59:27 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Microsoft Picture It! 9 [2009/10/14 21:45:40 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Microsoft Silverlight [2009/11/07 19:22:49 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Microsoft Windows Vista Upgrade Advisor [2003/12/18 06:36:47 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Microsoft Works [2004/09/13 11:52:01 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Microsoft.NET [2008/10/19 23:36:24 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Movie Maker [2009/11/08 00:00:07 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox [2009/10/19 19:59:48 \| 00,000,000 \| ---D \| M] -- C:\Program Files\MSBuild [2003/12/18 05:40:29 \| 00,000,000 \| ---D \| M] -- C:\Program Files\MSN [2003/12/18 06:14:05 \| 00,000,000 \| ---D \| M] -- C:\Program Files\MSN Encarta Plus [2003/12/18 05:40:19 \| 00,000,000 \| ---D \| M] -- C:\Program Files\MSN Gaming Zone [2004/06/30 05:28:24 \| 00,000,000 \| ---D \| M] -- C:\Program Files\MSXML 4.0 [2004/10/12 23:47:02 \| 00,000,000 \| ---D \| M] -- C:\Program Files\MyTotalSearch [2005/04/04 16:12:44 \| 00,000,000 \| ---D \| M] -- C:\Program Files\myTunes Redux [2008/10/17 23:47:49 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Netflix [2009/10/23 14:10:02 \| 00,000,000 \| ---D \| M] -- C:\Program Files\NetMeeting [2003/12/18 06:46:04 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Netscape [2005/08/30 19:22:44 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Network Associates [2004/10/24 16:05:20 \| 00,000,000 \| ---D \| M] -- C:\Program Files\NoAdware [2003/12/18 05:42:14 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Online Services [2009/10/22 21:35:15 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Outlook Express [2004/06/30 05:21:29 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Program Shortcuts [2004/08/26 10:20:43 \| 00,000,000 \| ---D \| M] -- C:\Program Files\PWRSMND1 [2009/10/23 00:06:22 \| 00,000,000 \| ---D \| M] -- C:\Program Files\QuickTime [2003/12/18 06:41:09 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Real [2009/10/19 19:59:26 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Reference Assemblies [2005/04/07 16:52:44 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Security Task Manager [2009/10/23 00:07:34 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Spybot - Search & Destroy [2004/10/27 14:04:13 \| 00,000,000 \| ---D \| M] -- C:\Program Files\STOPzilla! [2004/11/18 09:44:41 \| 00,000,000 \| ---D \| M] -- C:\Program Files\StreamCast [2008/10/19 14:28:48 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Sun [2005/08/30 19:13:12 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Symantec [2003/12/18 05:50:45 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Synaptics [2009/11/07 22:04:12 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Trend Micro [2003/12/18 06:25:19 \| 00,000,000 \| -H-D \| M] -- C:\Program Files\Uninstall Information [2008/10/26 21:42:50 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Viewpoint [2006/02/04 17:31:28 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Webroot [2009/10/23 00:09:10 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Webshots [2006/02/04 17:06:55 \| 00,000,000 \| ---D \| M] -- C:\Program Files\WildTangent [2009/11/07 18:43:17 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Winamp [2006/02/04 17:29:54 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Windows FormatAd [2009/10/23 00:09:18 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Windows Media Connect 2 [2009/10/23 00:42:14 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Windows Media Player [2009/10/23 00:10:01 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Windows NT [2005/05/04 23:52:53 \| 00,000,000 \| -H-D \| M] -- C:\Program Files\WindowsUpdate [2005/04/07 16:35:43 \| 00,000,000 \| ---D \| M] -- C:\Program Files\WinMX [2003/12/18 05:43:53 \| 00,000,000 \| ---D \| M] -- C:\Program Files\xerox [2005/02/15 20:21:40 \| 00,000,000 \| ---D \| M] -- C:\Program Files\XML [2006/04/22 16:54:05 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Yahoo! ========== Alternate Data Streams ========== @Alternate Data Stream - 2628 bytes -> C:\WINDOWS\System32\OEMLOGO.BMP:Q30lsldxJoudresxA aaqpcawXc < End of report >

11-08-2009	#4
Pancake Senior Security Analyst Join Date: Jun 2006 Location: Victoria, Australia Posts: 8,297 PC Experience: Elite PC Guru	Re: Problem's with my mother's PC. You will need to download ComboFix.exe. Download Combofix from any of the links below. You must rename it before saving it. Name it ComFx, and Save it to your desktop. http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe * IMPORTANT !!! Save ComboFix.exe to your Desktop It is important that it is saved and renamed following this process directly to your desktop** ======================================== Please copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions. It's IMPORTANT to carry out the instructions in the sequence listed below. 1. Close any open browsers. 2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Open notepad and copy/paste the red text in the quotebox below into it: File:: Folder:: C:\WINDOWS\System32\nsvsvc C:\WINDOWS\System32\picsvr C:\Program Files\Viewpoint Registry:: DDS:: Save this as CFScript.txt, in the same location as ComboFix.exe which is on the Desktop. Refering to the picture above, drag CFScript.txt into ComboFix.exe When finished, it shall produce a log for you at C:\ComboFix.txt Please copy and paste the ComboFix.txt in your next reply please. Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.Altering this script in any way could damage your computer __________________ An Australian Member of My real name is Eddy

Similar discussions...
Thread	Thread Starter	Forum	Replies	Last Post
Pending: Mother's Computer got reboot worm/virus:	PCandMacUser	[Pending] HJT Logs	4	05-16-2009 05:41 AM
Problem's With Automatic Updates!	Selwood86	Windows XP/2000	3	01-12-2007 12:15 PM

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode