Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 30

Thread: redirection virus Please help.

  1. 2010-12-29, 00:50 #11
    verynicelily
    verynicelily is offline
    Junior Member
    Join Date
    Dec 2010
    Posts
    18

    Default OTL.Txt log

    Thanks for that.

    OTL logfile created on: 28/12/2010 23:45:47 - Run 3
    OTL by OldTimer - Version 3.2.18.0 Folder = c:\Users\Thorpehousehold\Downloads
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.7930.16406)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 46.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 74.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 288.03 Gb Total Space | 124.72 Gb Free Space | 43.30% Space Free | Partition Type: NTFS
    Drive D: | 10.00 Gb Total Space | 3.72 Gb Free Space | 37.24% Space Free | Partition Type: NTFS

    Computer Name: THRIBBLE-PC | User Name: Thorpehousehold | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - c:\Users\Thorpehousehold\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\Dell DataSafe Local Backup\Toaster.exe (SoftThinks - Dell)
    PRC - C:\Program Files\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
    PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
    PRC - C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe ()
    PRC - C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
    PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
    PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
    PRC - C:\Program Files\2X\ApplicationServer Client\APPServerClient.exe (2X Software Ltd.)
    PRC - C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
    PRC - C:\Program Files\TalkTalk\bin\sprtsvc.exe (SupportSoft, Inc.)
    PRC - C:\Program Files\Common Files\supportsoft\bin\tgsrvc.exe (SupportSoft, Inc.)


    ========== Modules (SafeList) ==========

    MOD - c:\Users\Thorpehousehold\Downloads\OTL.exe (OldTimer Tools)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
    SRV - (avgwd) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    SRV - (SftService) -- C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
    SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
    SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
    SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (getPlusHelper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
    SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
    SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
    SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
    SRV - (ASKUpgrade) -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
    SRV - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV - (AERTFilters) -- C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
    SRV - (sprtsvc_TalkTalk) SupportSoft Sprocket Service (TalkTalk) -- C:\Program Files\TalkTalk\bin\sprtsvc.exe (SupportSoft, Inc.)
    SRV - (SupportSoft RemoteAssist) -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe (SupportSoft, Inc.)
    SRV - (tgsrvc_TalkTalk) SupportSoft Repair Service (TalkTalk) -- C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe (SupportSoft, Inc.)


    ========== Driver Services (SafeList) ==========

    DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
    DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
    DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
    DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (PCDSRVC{E9D79540-57D5953E-06020101}_0) -- c:\Program Files\Dell Support Center\pcdsrvc.pkms (PC-Doctor, Inc.)
    DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
    DRV - (AVGIDSEH) -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
    DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (Avgrkx86) -- C:\Windows\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
    DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
    DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
    DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
    DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
    DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
    DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
    DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
    DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
    DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
    DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
    DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
    DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
    DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
    DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
    DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
    DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
    DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
    DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
    DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
    DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
    DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
    DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
    DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
    DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
    DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
    DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
    DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
    DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
    DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
    DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
    DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corp.)
    DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
    DRV - (iaStor) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation)
    DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
    DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
    DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
    DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
    DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
    DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
    DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
    DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
    DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
    DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
    DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
    DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
    DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
    DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
    DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
    DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
    DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
    DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
    DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
    DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
    DRV - (ovt519) -- C:\Windows\System32\drivers\ov519vid.sys (OmniVision Technologies, Inc.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/2
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/2
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25570

    ========== FireFox ==========

    FF - prefs.js..browser.search.selectedEngine: "search"
    FF - prefs.js..browser.startup.homepage: "www.google.co.uk"
    FF - prefs.js..extensions.enabledItems: {1BCA7BD8-8977-11DC-A9BD-548555D89593}:1.5
    FF - prefs.js..extensions.enabledItems: {9D6218B8-03C7-4b91-AA43-680B305DD35C}:1.7.9.7
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"

    FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/05/21 21:48:22 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010/12/28 10:22:39 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/28 23:40:21 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/25 18:49:59 | 000,000,000 | ---D | M]

    [2009/09/07 19:56:16 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\Mozilla\Extensions
    [2009/07/21 06:53:41 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\Mozilla\Firefox\extensions
    [2009/07/21 06:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thorpehousehold\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
    [2010/12/28 08:48:19 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\Mozilla\Firefox\Profiles\mewl2f0q.default\extensions
    [2009/12/31 21:34:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thorpehousehold\AppData\Roaming\Mozilla\Firefox\Profiles\mewl2f0q.default\extensions\{1BCA7BD8-8977-11DC-A9BD-548555D89593}
    [2010/04/27 20:40:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Thorpehousehold\AppData\Roaming\Mozilla\Firefox\Profiles\mewl2f0q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2009/09/07 20:45:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thorpehousehold\AppData\Roaming\Mozilla\Firefox\Profiles\mewl2f0q.default\extensions\{9D6218B8-03C7-4b91-AA43-680B305DD35C}
    [2010/12/23 17:40:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/08/21 16:41:52 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    [2010/05/01 22:42:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/08/04 05:48:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010/11/02 21:11:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    [2008/06/18 05:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
    [2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    [2010/08/08 20:38:28 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
    [2010/08/08 20:38:28 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
    [2010/08/08 20:38:28 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
    [2010/08/08 20:38:28 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

    O1 HOSTS File: ([2010/12/09 21:50:47 | 000,002,811 | RHS- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 74.125.45.100 4-open-davinci.com
    O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
    O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
    O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
    O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
    O1 - Hosts: 74.125.45.100 secure-plus-payments.com
    O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
    O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
    O1 - Hosts: 74.125.45.100 www.getavplusnow.com
    O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
    O1 - Hosts: 74.125.45.100 urs.microsoft.com
    O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
    O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
    O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
    O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
    O1 - Hosts: 204.152.194.149 www.google.com
    O1 - Hosts: 204.152.194.149 google.com
    O1 - Hosts: 204.152.194.149 google.com.au
    O1 - Hosts: 204.152.194.149 www.google.com.au
    O1 - Hosts: 204.152.194.149 google.be
    O1 - Hosts: 204.152.194.149 www.google.be
    O1 - Hosts: 204.152.194.149 google.com.br
    O1 - Hosts: 204.152.194.149 www.google.com.br
    O1 - Hosts: 39 more lines...
    O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
    O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
    O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
    O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
    O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
    O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe File not found
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
    O4 - HKLM..\RunOnce: [Launcher] C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
    O4 - HKLM..\RunOnce: [STToasterLauncher] C:\Program Files\Dell DataSafe Local Backup\ToasterLauncher.exe ()
    O4 - Startup: C:\Users\Thorpehousehold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2X ApplicationServer Client.lnk = C:\Program Files\2X\ApplicationServer Client\APPServerClient.exe (2X Software Ltd.)
    O4 - Startup: C:\Users\Thorpehousehold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
    O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img8.jpg
    O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img8.jpg
    O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2004/04/30 17:01:00 | 000,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/12/28 10:22:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2010/12/27 21:32:15 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\My Backup Files
    [2010/12/27 08:01:44 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\AppData\Local\SoftThinks
    [2010/12/26 22:33:40 | 000,000,000 | -HSD | C] -- C:\System Recovery
    [2010/12/26 22:32:08 | 000,000,000 | ---D | C] -- C:\Temp
    [2010/12/26 22:31:14 | 000,128,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WimFltr.sys
    [2010/12/26 22:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\Dell DataSafe Local Backup
    [2010/12/26 22:20:13 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
    [2010/12/26 22:09:38 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\AppData\Roaming\PCDr
    [2010/12/26 00:32:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2010/12/25 15:07:42 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\AppData\Roaming\vlc
    [2010/12/25 15:07:00 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
    [2010/12/24 11:14:44 | 002,381,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2010/12/24 11:14:44 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2010/12/24 10:06:00 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\AppData\Roaming\AVG
    [2010/12/23 23:34:41 | 000,000,000 | -H-D | C] -- C:\$AVG
    [2010/12/23 22:58:26 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\AppData\Roaming\AVG10
    [2010/12/23 22:57:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
    [2010/12/23 22:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
    [2010/12/23 22:54:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
    [2010/12/23 22:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
    [2010/12/23 22:42:46 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
    [2010/12/23 17:04:01 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2010/12/23 17:02:28 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2010/12/23 17:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
    [2010/12/23 16:45:12 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\Desktop\GooredFix Backups
    [2010/12/23 08:43:29 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2010/12/23 08:43:29 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2010/12/23 08:43:29 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2010/12/23 08:43:28 | 001,355,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2010/12/23 08:43:28 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2010/12/23 08:43:28 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
    [2010/12/23 08:43:28 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
    [2010/12/23 08:43:28 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
    [2010/12/23 08:43:28 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2010/12/23 08:43:28 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2010/12/23 08:43:27 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
    [2010/12/23 08:43:27 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
    [2010/12/23 08:43:27 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2010/12/23 08:43:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
    [2010/12/23 08:43:27 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
    [2010/12/23 08:43:27 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
    [2010/12/23 08:43:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
    [2010/12/23 08:43:25 | 003,695,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
    [2010/12/23 08:43:25 | 000,460,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2010/12/23 08:43:25 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
    [2010/12/23 08:43:25 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
    [2010/12/23 08:43:25 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
    [2010/12/23 08:43:25 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
    [2010/12/23 08:43:25 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
    [2010/12/23 08:43:25 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
    [2010/12/23 08:43:25 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
    [2010/12/23 08:43:25 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
    [2010/12/23 08:43:24 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2010/12/23 08:43:24 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2010/12/23 08:43:24 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2010/12/23 08:43:24 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2010/12/23 08:43:24 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
    [2010/12/23 08:43:23 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
    [2010/12/23 08:43:23 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
    [2010/12/23 08:43:23 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2010/12/23 08:43:23 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2010/12/23 08:43:23 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2010/12/23 08:42:12 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
    [2010/12/23 08:42:11 | 001,174,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
    [2010/12/23 08:42:11 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
    [2010/12/23 08:42:11 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
    [2010/12/23 08:42:11 | 000,797,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
    [2010/12/23 08:42:11 | 000,680,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
    [2010/12/23 08:42:11 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
    [2010/12/23 08:42:11 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
    [2010/12/23 08:42:11 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
    [2010/12/23 08:42:11 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
    [2010/12/23 08:42:11 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
    [2010/12/23 08:42:11 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
    [2010/12/23 08:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\Feedback Tool
    [2010/12/15 08:47:14 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
    [2010/12/15 08:35:14 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2010/12/15 08:35:12 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
    [2010/12/15 08:35:11 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
    [2010/12/15 08:35:11 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
    [2010/12/15 08:35:09 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
    [2010/12/15 08:35:07 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
    [2010/12/15 08:35:07 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
    [2010/12/15 08:35:07 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
    [2010/12/15 08:34:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
    [2010/12/14 13:45:00 | 000,000,000 | ---D | C] -- C:\Program Files\BBC iPlayer Desktop
    [2010/12/10 16:01:00 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\AppData\Roaming\Malwarebytes
    [2010/12/10 16:00:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/12/10 16:00:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/12/10 16:00:48 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/12/10 16:00:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/12/10 13:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
    [2010/12/10 13:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
    [2010/12/10 11:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
    [2010/12/09 20:48:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\IAHXECXRRSV
    [2010/12/09 20:47:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\1fc9bc
    [2010/12/08 04:12:38 | 000,251,728 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
    [2010/12/04 11:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
    [2010/12/04 11:42:11 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\AppData\Roaming\Uniblue
    [2009/07/23 18:38:32 | 008,653,312 | ---- | C] (Dell, Inc. ) -- C:\Users\Thorpehousehold\AppData\Roaming\DataSafeDotNet.exe
    [1 C:\Users\Thorpehousehold\Documents\*.tmp files -> C:\Users\Thorpehousehold\Documents\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/12/28 23:43:35 | 000,001,994 | ---- | M] () -- C:\Users\Thorpehousehold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2X ApplicationServer Client.lnk
    [2010/12/28 23:43:24 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/12/28 23:42:51 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/12/28 23:42:51 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/12/28 23:42:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/12/28 23:42:44 | 2136,133,632 | -HS- | M] () -- C:\hiberfil.sys
    [2010/12/28 23:35:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1525119050-2295363517-642445928-1000UA.job
    [2010/12/28 22:54:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/12/28 18:57:17 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
    [2010/12/28 18:43:21 | 102,824,950 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
    [2010/12/28 11:35:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1525119050-2295363517-642445928-1000Core.job
    [2010/12/28 10:22:56 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
    [2010/12/27 08:01:13 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
    [2010/12/25 19:52:39 | 000,608,226 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/12/25 19:52:39 | 000,109,336 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/12/25 15:07:32 | 000,000,861 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
    [2010/12/24 23:56:55 | 000,000,766 | ---- | M] () -- C:\Users\Thorpehousehold\AppData\Roaming\launcher.exe.ico
    [2010/12/24 23:50:53 | 000,000,680 | ---- | M] () -- C:\Users\Thorpehousehold\AppData\Local\d3d9caps.dat
    [2010/12/24 10:03:44 | 000,000,972 | ---- | M] () -- C:\Users\Thorpehousehold\Desktop\AVG PC Tuneup 2011.lnk
    [2010/12/23 22:38:25 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
    [2010/12/23 22:37:56 | 000,146,944 | ---- | M] () -- C:\Users\Thorpehousehold\Documents\Christmas Card List.doc
    [2010/12/23 17:23:48 | 000,000,456 | ---- | M] () -- C:\Users\Thorpehousehold\Desktop\Attach.zip
    [2010/12/23 17:01:59 | 000,000,915 | ---- | M] () -- C:\Users\Thorpehousehold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2010/12/23 17:01:41 | 000,000,735 | ---- | M] () -- C:\Users\Thorpehousehold\Desktop\NTREGOPT.lnk
    [2010/12/23 17:01:41 | 000,000,716 | ---- | M] () -- C:\Users\Thorpehousehold\Desktop\ERUNT.lnk
    [2010/12/23 08:50:38 | 000,000,945 | ---- | M] () -- C:\Users\Thorpehousehold\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2010/12/23 08:44:34 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
    [2010/12/23 08:44:34 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
    [2010/12/22 19:18:07 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/12/22 10:14:35 | 000,000,117 | ---- | M] () -- C:\Users\Thorpehousehold\jagex_runescape_preferences2.dat
    [2010/12/22 10:14:35 | 000,000,041 | ---- | M] () -- C:\Users\Thorpehousehold\jagex_runescape_preferences.dat
    [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/12/20 11:18:22 | 000,025,088 | ---- | M] () -- C:\Users\Thorpehousehold\Documents\Family_Integrated_Worship[1].doc
    [2010/12/15 09:09:33 | 000,417,872 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/12/15 08:47:04 | 002,206,802 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
    [2010/12/14 13:45:00 | 000,000,864 | ---- | M] () -- C:\Users\Public\Desktop\BBC iPlayer Desktop.lnk
    [2010/12/13 22:22:58 | 001,521,766 | ---- | M] () -- C:\Users\Thorpehousehold\Documents\bbc_iplayer_desktop_v3010.air
    [2010/12/10 15:32:28 | 000,000,106 | ---- | M] () -- C:\Windows\wininit.ini
    [2010/12/10 13:13:36 | 000,001,081 | ---- | M] () -- C:\Users\Thorpehousehold\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2010/12/10 13:13:36 | 000,001,057 | ---- | M] () -- C:\Users\Thorpehousehold\Desktop\Spybot - Search & Destroy.lnk
    [2010/12/10 12:06:54 | 000,512,992 | ---- | M] () -- C:\Users\Thorpehousehold\Desktop\sdsetup[1].exe
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-155318.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153238.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153236.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153231.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153224.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153219.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153218.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153217.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153216.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153215.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153210.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153209.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153206.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153205.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153204.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153203.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153154.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153149.backup
    [2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
    [2010/12/03 22:06:58 | 003,420,852 | ---- | M] () -- C:\Users\Thorpehousehold\Documents\James Jordan Through New Eyes.pdf
    [2010/12/03 13:44:05 | 000,007,894 | ---- | M] () -- C:\Users\Thorpehousehold\Documents\BudgetBrain.odt
    [2010/12/02 12:45:04 | 000,009,216 | ---- | M] () -- C:\Users\Thorpehousehold\Documents\Stewardship.doc
    [2010/12/01 21:28:40 | 000,039,661 | ---- | M] () -- C:\Users\Thorpehousehold\Documents\Theodore Roosevelt The Bible and The Life Of The People.pdf
    [1 C:\Users\Thorpehousehold\Documents\*.tmp files -> C:\Users\Thorpehousehold\Documents\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/12/28 18:43:21 | 102,824,950 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
    [2010/12/26 22:23:03 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
    [2010/12/26 22:23:00 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
    [2010/12/25 15:07:32 | 000,000,861 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
    [2010/12/24 10:56:56 | 000,001,994 | ---- | C] () -- C:\Users\Thorpehousehold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2X ApplicationServer Client.lnk
    [2010/12/24 10:03:44 | 000,000,972 | ---- | C] () -- C:\Users\Thorpehousehold\Desktop\AVG PC Tuneup 2011.lnk
    [2010/12/23 22:56:50 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
    [2010/12/23 22:38:25 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
    [2010/12/23 22:35:27 | 000,146,944 | ---- | C] () -- C:\Users\Thorpehousehold\Documents\Christmas Card List.doc
    [2010/12/23 17:23:48 | 000,000,456 | ---- | C] () -- C:\Users\Thorpehousehold\Desktop\Attach.zip
    [2010/12/23 17:01:59 | 000,000,915 | ---- | C] () -- C:\Users\Thorpehousehold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2010/12/23 17:01:41 | 000,000,735 | ---- | C] () -- C:\Users\Thorpehousehold\Desktop\NTREGOPT.lnk
    [2010/12/23 17:01:41 | 000,000,716 | ---- | C] () -- C:\Users\Thorpehousehold\Desktop\ERUNT.lnk
    [2010/12/23 08:43:24 | 000,072,533 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
    [2010/12/20 11:18:20 | 000,025,088 | ---- | C] () -- C:\Users\Thorpehousehold\Documents\Family_Integrated_Worship[1].doc
    [2010/12/13 22:23:08 | 001,521,766 | ---- | C] () -- C:\Users\Thorpehousehold\Documents\bbc_iplayer_desktop_v3010.air
    [2010/12/10 16:00:54 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/12/10 15:32:28 | 000,000,106 | ---- | C] () -- C:\Windows\wininit.ini
    [2010/12/10 13:13:36 | 000,001,081 | ---- | C] () -- C:\Users\Thorpehousehold\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2010/12/10 13:13:36 | 000,001,057 | ---- | C] () -- C:\Users\Thorpehousehold\Desktop\Spybot - Search & Destroy.lnk
    [2010/12/10 11:40:10 | 002,206,802 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
    [2010/12/10 11:35:34 | 000,512,992 | ---- | C] () -- C:\Users\Thorpehousehold\Desktop\sdsetup[1].exe
    [2010/12/03 22:06:58 | 003,420,852 | ---- | C] () -- C:\Users\Thorpehousehold\Documents\James Jordan Through New Eyes.pdf
    [2010/12/03 13:44:03 | 000,007,894 | ---- | C] () -- C:\Users\Thorpehousehold\Documents\BudgetBrain.odt
    [2010/12/01 21:28:40 | 000,039,661 | ---- | C] () -- C:\Users\Thorpehousehold\Documents\Theodore Roosevelt The Bible and The Life Of The People.pdf
    [2010/06/17 15:17:24 | 000,176,235 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll
    [2010/05/23 19:00:09 | 000,001,188 | ---- | C] () -- C:\ProgramData\ss.ini
    [2010/04/03 08:44:30 | 000,000,680 | ---- | C] () -- C:\Users\Thorpehousehold\AppData\Local\d3d9caps.dat
    [2010/03/30 13:57:56 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
    [2010/03/05 13:53:18 | 000,010,574 | -HS- | C] () -- C:\Users\Thorpehousehold\AppData\Local\iRs2pG
    [2010/01/06 12:45:09 | 000,000,114 | ---- | C] () -- C:\Users\Thorpehousehold\AppData\Roaming\usertrusted.pes
    [2010/01/06 12:44:13 | 000,000,766 | ---- | C] () -- C:\Users\Thorpehousehold\AppData\Roaming\launcher.exe.ico
    [2009/10/29 18:21:04 | 000,024,085 | ---- | C] () -- C:\Users\Thorpehousehold\AppData\Roaming\UserTile.png
    [2009/10/21 20:38:03 | 000,000,031 | -H-- | C] () -- C:\Windows\UKCpInfo.sys
    [2009/09/12 06:29:16 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
    [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
    [2009/07/20 18:14:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009/07/18 23:54:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2009/06/06 14:50:40 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
    [2009/04/08 17:55:25 | 000,118,784 | ---- | C] () -- C:\Users\Thorpehousehold\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/04/08 10:23:54 | 000,000,271 | ---- | C] () -- C:\Windows\cdplayer.ini
    [2009/04/04 07:13:43 | 000,000,268 | RH-- | C] () -- C:\ProgramData\String Ensemble
    [2009/04/04 07:13:43 | 000,000,268 | RH-- | C] () -- C:\Users\Thorpehousehold\AppData\Roaming\Static Library
    [2009/04/04 07:13:43 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
    [2009/04/03 07:28:56 | 000,000,750 | ---- | C] () -- C:\Windows\{D084B1A9-153B-409D-AEBF-C40FCEF925EA}_WiseFW.ini
    [2009/04/02 08:59:24 | 000,008,248 | ---- | C] () -- C:\Users\Thorpehousehold\AppData\Local\en.ini
    [2009/03/31 15:55:02 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI
    [2009/03/31 15:50:59 | 000,007,680 | ---- | C] () -- C:\Windows\System32\CNMVS64.DLL
    [2009/03/31 15:26:23 | 000,000,416 | ---- | C] () -- C:\Windows\MAXLINK.INI
    [2009/03/05 23:17:05 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
    [2009/03/05 23:17:05 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
    [2009/03/05 23:17:05 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
    [2009/03/05 23:17:05 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
    [2009/03/05 23:17:03 | 000,876,544 | ---- | C] () -- C:\Windows\System32\TEACico2.dll
    [2008/02/11 18:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
    [2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 10:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

    ========== LOP Check ==========

    [2010/12/24 10:15:19 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\AVG
    [2010/12/23 22:58:26 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\AVG10
    [2009/04/26 19:03:54 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
    [2009/04/01 07:25:21 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\Canon
    [2010/05/23 18:33:44 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\COWON
    [2009/04/16 10:24:32 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\GetRightToGo
    [2009/10/12 15:24:57 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\Merscom
    [2009/04/04 07:21:03 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\Nikon
    [2009/10/14 15:46:18 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\Oberonv1002
    [2009/03/31 22:07:45 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\OpenOffice.org
    [2010/04/06 17:42:14 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\Opera
    [2010/12/26 22:13:25 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\PCDr
    [2010/08/24 15:55:21 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\Petroglyph
    [2010/06/17 15:18:07 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\PrimoPDF
    [2009/03/31 15:26:18 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\ScanSoft
    [2010/07/12 17:15:00 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\Smilebox
    [2010/12/18 10:57:13 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\Spotify
    [2009/07/21 07:01:03 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\TweakNow RegCleaner
    [2010/12/04 11:42:11 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\Uniblue
    [2009/07/22 08:49:38 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\Windows Live Writer
    [2010/12/27 08:01:13 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
    [2010/12/28 23:41:56 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2010/12/28 18:57:17 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:1D60AEC3
    @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:0B4227B4
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:CF2C26D2
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:DFC5A2B2

    < End of report >
  2. 2010-12-29, 01:29 #12
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Run OTL.exe
    • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

      Code:
      :OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25570
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-155318.backup
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153238.backup
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153236.backup
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153231.backup
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153224.backup
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153219.backup
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153218.backup
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153217.backup
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153216.backup
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153215.backup
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153210.backup
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153209.backup
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153206.backup
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153205.backup
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153204.backup
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153203.backup
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153154.backup
[2010/12/09 21:50:47 | 000,002,811 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101210-153149.backup

:Services

:Reg

:Files


:Commands
[purity]
[emptytemp]
[RESETHOSTS]
[start explorer]
[Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot when it is done
    • Then post the results of the log and a new OTL log ( don't check the boxes beside LOP Check or Purity this time )
    Last edited by ken545; 2010-12-29 at 02:30.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  3. 2010-12-29, 21:36 #13
    verynicelily
    verynicelily is offline
    Junior Member
    Join Date
    Dec 2010
    Posts
    18

    Default OTL run fix log

    All processes killed
    ========== OTL ==========
    No active process named explorer.exe was found!
    HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.
    File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ not found.
    File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ not found.
    File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-155318.backup not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-153238.backup not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-153236.backup not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-153231.backup not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-153224.backup not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-153219.backup not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-153218.backup not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-153217.backup not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-153216.backup not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-153215.backup not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-153210.backup not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-153209.backup not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-153206.backup not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-153205.backup not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-153204.backup not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-153203.backup not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-153154.backup not found.
    File C:\Windows\System32\drivers\etc\hosts.20101210-153149.backup not found.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]
  4. 2010-12-29, 21:43 #14
    verynicelily
    verynicelily is offline
    Junior Member
    Join Date
    Dec 2010
    Posts
    18

    Default New OTL log

    OTL logfile created on: 29/12/2010 20:37:00 - Run 4
    OTL by OldTimer - Version 3.2.18.0 Folder = c:\users\thorpehousehold\downloads
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.7930.16406)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 71.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 288.03 Gb Total Space | 130.65 Gb Free Space | 45.36% Space Free | Partition Type: NTFS
    Drive D: | 10.00 Gb Total Space | 3.72 Gb Free Space | 37.24% Space Free | Partition Type: NTFS

    Computer Name: THRIBBLE-PC | User Name: Thorpehousehold | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - c:\Users\Thorpehousehold\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\Dell DataSafe Local Backup\Toaster.exe (SoftThinks - Dell)
    PRC - C:\Program Files\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
    PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
    PRC - C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe ()
    PRC - C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
    PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
    PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
    PRC - C:\Program Files\2X\ApplicationServer Client\APPServerClient.exe (2X Software Ltd.)
    PRC - C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
    PRC - C:\Program Files\TalkTalk\bin\sprtsvc.exe (SupportSoft, Inc.)
    PRC - C:\Program Files\Common Files\supportsoft\bin\tgsrvc.exe (SupportSoft, Inc.)


    ========== Modules (SafeList) ==========

    MOD - c:\Users\Thorpehousehold\Downloads\OTL.exe (OldTimer Tools)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
    SRV - (avgwd) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    SRV - (SftService) -- C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
    SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
    SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
    SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (getPlusHelper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
    SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
    SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
    SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
    SRV - (ASKUpgrade) -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
    SRV - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV - (AERTFilters) -- C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
    SRV - (sprtsvc_TalkTalk) SupportSoft Sprocket Service (TalkTalk) -- C:\Program Files\TalkTalk\bin\sprtsvc.exe (SupportSoft, Inc.)
    SRV - (SupportSoft RemoteAssist) -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe (SupportSoft, Inc.)
    SRV - (tgsrvc_TalkTalk) SupportSoft Repair Service (TalkTalk) -- C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe (SupportSoft, Inc.)


    ========== Driver Services (SafeList) ==========

    DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
    DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
    DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
    DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (PCDSRVC{E9D79540-57D5953E-06020101}_0) -- c:\Program Files\Dell Support Center\pcdsrvc.pkms (PC-Doctor, Inc.)
    DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
    DRV - (AVGIDSEH) -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
    DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (Avgrkx86) -- C:\Windows\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
    DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
    DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
    DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
    DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
    DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
    DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
    DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
    DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
    DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
    DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
    DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
    DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
    DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
    DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
    DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
    DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
    DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
    DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
    DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
    DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
    DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
    DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
    DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
    DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
    DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
    DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
    DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
    DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
    DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
    DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
    DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corp.)
    DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
    DRV - (iaStor) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation)
    DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
    DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
    DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
    DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
    DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
    DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
    DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
    DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
    DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
    DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
    DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
    DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
    DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
    DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
    DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
    DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
    DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
    DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
    DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
    DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
    DRV - (ovt519) -- C:\Windows\System32\drivers\ov519vid.sys (OmniVision Technologies, Inc.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/2
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/2
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.selectedEngine: "search"
    FF - prefs.js..browser.startup.homepage: "www.google.co.uk"
    FF - prefs.js..extensions.enabledItems: {1BCA7BD8-8977-11DC-A9BD-548555D89593}:1.5
    FF - prefs.js..extensions.enabledItems: {9D6218B8-03C7-4b91-AA43-680B305DD35C}:1.7.9.7
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"

    FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/05/21 21:48:22 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010/12/28 10:22:39 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/28 23:40:21 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/25 18:49:59 | 000,000,000 | ---D | M]

    [2009/09/07 19:56:16 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\Mozilla\Extensions
    [2009/07/21 06:53:41 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\Mozilla\Firefox\extensions
    [2009/07/21 06:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thorpehousehold\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
    [2010/12/29 18:33:53 | 000,000,000 | ---D | M] -- C:\Users\Thorpehousehold\AppData\Roaming\Mozilla\Firefox\Profiles\mewl2f0q.default\extensions
    [2009/12/31 21:34:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thorpehousehold\AppData\Roaming\Mozilla\Firefox\Profiles\mewl2f0q.default\extensions\{1BCA7BD8-8977-11DC-A9BD-548555D89593}
    [2010/04/27 20:40:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Thorpehousehold\AppData\Roaming\Mozilla\Firefox\Profiles\mewl2f0q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2009/09/07 20:45:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thorpehousehold\AppData\Roaming\Mozilla\Firefox\Profiles\mewl2f0q.default\extensions\{9D6218B8-03C7-4b91-AA43-680B305DD35C}
    [2010/12/23 17:40:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/08/21 16:41:52 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    [2010/05/01 22:42:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/08/04 05:48:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010/11/02 21:11:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    [2008/06/18 05:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
    [2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    [2010/08/08 20:38:28 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
    [2010/08/08 20:38:28 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
    [2010/08/08 20:38:28 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
    [2010/08/08 20:38:28 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

    O1 HOSTS File: ([2010/12/29 20:25:13 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
    O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
    O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
    O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe File not found
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
    O4 - HKLM..\RunOnce: [Launcher] C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
    O4 - HKLM..\RunOnce: [STToasterLauncher] C:\Program Files\Dell DataSafe Local Backup\ToasterLauncher.exe ()
    O4 - Startup: C:\Users\Thorpehousehold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2X ApplicationServer Client.lnk = C:\Program Files\2X\ApplicationServer Client\APPServerClient.exe (2X Software Ltd.)
    O4 - Startup: C:\Users\Thorpehousehold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
    O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img8.jpg
    O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img8.jpg
    O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2004/04/30 17:01:00 | 000,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/12/29 11:07:30 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/12/28 10:22:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2010/12/27 21:32:15 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\My Backup Files
    [2010/12/27 08:01:44 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\AppData\Local\SoftThinks
    [2010/12/26 22:33:40 | 000,000,000 | -HSD | C] -- C:\System Recovery
    [2010/12/26 22:32:08 | 000,000,000 | ---D | C] -- C:\Temp
    [2010/12/26 22:31:14 | 000,128,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WimFltr.sys
    [2010/12/26 22:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\Dell DataSafe Local Backup
    [2010/12/26 22:20:13 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
    [2010/12/26 22:09:38 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\AppData\Roaming\PCDr
    [2010/12/26 00:32:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2010/12/25 15:07:42 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\AppData\Roaming\vlc
    [2010/12/25 15:07:00 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
    [2010/12/24 11:14:44 | 002,381,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2010/12/24 11:14:44 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2010/12/24 10:06:00 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\AppData\Roaming\AVG
    [2010/12/23 23:34:41 | 000,000,000 | -H-D | C] -- C:\$AVG
    [2010/12/23 22:58:26 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\AppData\Roaming\AVG10
    [2010/12/23 22:57:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
    [2010/12/23 22:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
    [2010/12/23 22:54:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
    [2010/12/23 22:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
    [2010/12/23 22:42:46 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
    [2010/12/23 17:04:01 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2010/12/23 17:02:28 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2010/12/23 17:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
    [2010/12/23 16:45:12 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\Desktop\GooredFix Backups
    [2010/12/23 08:43:29 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2010/12/23 08:43:29 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2010/12/23 08:43:29 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2010/12/23 08:43:28 | 001,355,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2010/12/23 08:43:28 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2010/12/23 08:43:28 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
    [2010/12/23 08:43:28 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
    [2010/12/23 08:43:28 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
    [2010/12/23 08:43:28 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2010/12/23 08:43:28 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2010/12/23 08:43:27 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
    [2010/12/23 08:43:27 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
    [2010/12/23 08:43:27 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2010/12/23 08:43:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
    [2010/12/23 08:43:27 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
    [2010/12/23 08:43:27 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
    [2010/12/23 08:43:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
    [2010/12/23 08:43:25 | 003,695,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
    [2010/12/23 08:43:25 | 000,460,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2010/12/23 08:43:25 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
    [2010/12/23 08:43:25 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
    [2010/12/23 08:43:25 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
    [2010/12/23 08:43:25 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
    [2010/12/23 08:43:25 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
    [2010/12/23 08:43:25 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
    [2010/12/23 08:43:25 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
    [2010/12/23 08:43:25 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
    [2010/12/23 08:43:24 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2010/12/23 08:43:24 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2010/12/23 08:43:24 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2010/12/23 08:43:24 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2010/12/23 08:43:24 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
    [2010/12/23 08:43:23 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
    [2010/12/23 08:43:23 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
    [2010/12/23 08:43:23 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2010/12/23 08:43:23 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2010/12/23 08:43:23 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2010/12/23 08:42:12 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
    [2010/12/23 08:42:11 | 001,174,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
    [2010/12/23 08:42:11 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
    [2010/12/23 08:42:11 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
    [2010/12/23 08:42:11 | 000,797,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
    [2010/12/23 08:42:11 | 000,680,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
    [2010/12/23 08:42:11 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
    [2010/12/23 08:42:11 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
    [2010/12/23 08:42:11 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
    [2010/12/23 08:42:11 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
    [2010/12/23 08:42:11 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
    [2010/12/23 08:42:11 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
    [2010/12/23 08:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\Feedback Tool
    [2010/12/15 08:47:14 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
    [2010/12/15 08:35:14 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2010/12/15 08:35:12 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
    [2010/12/15 08:35:11 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
    [2010/12/15 08:35:11 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
    [2010/12/15 08:35:09 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
    [2010/12/15 08:35:07 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
    [2010/12/15 08:35:07 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
    [2010/12/15 08:35:07 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
    [2010/12/15 08:34:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
    [2010/12/14 13:45:00 | 000,000,000 | ---D | C] -- C:\Program Files\BBC iPlayer Desktop
    [2010/12/10 16:01:00 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\AppData\Roaming\Malwarebytes
    [2010/12/10 16:00:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/12/10 16:00:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/12/10 16:00:48 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/12/10 16:00:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/12/10 13:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
    [2010/12/10 13:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
    [2010/12/10 11:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
    [2010/12/09 20:48:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\IAHXECXRRSV
    [2010/12/09 20:47:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\1fc9bc
    [2010/12/08 04:12:38 | 000,251,728 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
    [2010/12/04 11:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
    [2010/12/04 11:42:11 | 000,000,000 | ---D | C] -- C:\Users\Thorpehousehold\AppData\Roaming\Uniblue
    [2009/07/23 18:38:32 | 008,653,312 | ---- | C] (Dell, Inc. ) -- C:\Users\Thorpehousehold\AppData\Roaming\DataSafeDotNet.exe
    [1 C:\Users\Thorpehousehold\Documents\*.tmp files -> C:\Users\Thorpehousehold\Documents\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/12/29 20:35:01 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1525119050-2295363517-642445928-1000UA.job
    [2010/12/29 20:27:43 | 000,001,994 | ---- | M] () -- C:\Users\Thorpehousehold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2X ApplicationServer Client.lnk
    [2010/12/29 20:27:17 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/12/29 20:27:05 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/12/29 20:27:05 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/12/29 20:26:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/12/29 20:26:49 | 2136,133,632 | -HS- | M] () -- C:\hiberfil.sys
    [2010/12/29 20:25:13 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
    [2010/12/29 19:54:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/12/29 18:44:58 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
    [2010/12/29 11:08:50 | 102,903,039 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
    [2010/12/28 11:35:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1525119050-2295363517-642445928-1000Core.job
    [2010/12/28 10:22:56 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
    [2010/12/27 08:01:13 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
    [2010/12/25 19:52:39 | 000,608,226 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/12/25 19:52:39 | 000,109,336 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/12/25 15:07:32 | 000,000,861 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
    [2010/12/24 23:56:55 | 000,000,766 | ---- | M] () -- C:\Users\Thorpehousehold\AppData\Roaming\launcher.exe.ico
    [2010/12/24 23:50:53 | 000,000,680 | ---- | M] () -- C:\Users\Thorpehousehold\AppData\Local\d3d9caps.dat
    [2010/12/24 10:03:44 | 000,000,972 | ---- | M] () -- C:\Users\Thorpehousehold\Desktop\AVG PC Tuneup 2011.lnk
    [2010/12/23 22:38:25 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
    [2010/12/23 22:37:56 | 000,146,944 | ---- | M] () -- C:\Users\Thorpehousehold\Documents\Christmas Card List.doc
    [2010/12/23 17:23:48 | 000,000,456 | ---- | M] () -- C:\Users\Thorpehousehold\Desktop\Attach.zip
    [2010/12/23 17:01:59 | 000,000,915 | ---- | M] () -- C:\Users\Thorpehousehold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2010/12/23 17:01:41 | 000,000,735 | ---- | M] () -- C:\Users\Thorpehousehold\Desktop\NTREGOPT.lnk
    [2010/12/23 17:01:41 | 000,000,716 | ---- | M] () -- C:\Users\Thorpehousehold\Desktop\ERUNT.lnk
    [2010/12/23 08:50:38 | 000,000,945 | ---- | M] () -- C:\Users\Thorpehousehold\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2010/12/23 08:44:34 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
    [2010/12/23 08:44:34 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
    [2010/12/22 19:18:07 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/12/22 10:14:35 | 000,000,117 | ---- | M] () -- C:\Users\Thorpehousehold\jagex_runescape_preferences2.dat
    [2010/12/22 10:14:35 | 000,000,041 | ---- | M] () -- C:\Users\Thorpehousehold\jagex_runescape_preferences.dat
    [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/12/20 11:18:22 | 000,025,088 | ---- | M] () -- C:\Users\Thorpehousehold\Documents\Family_Integrated_Worship[1].doc
    [2010/12/15 09:09:33 | 000,417,872 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/12/15 08:47:04 | 002,206,802 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
    [2010/12/14 13:45:00 | 000,000,864 | ---- | M] () -- C:\Users\Public\Desktop\BBC iPlayer Desktop.lnk
    [2010/12/13 22:22:58 | 001,521,766 | ---- | M] () -- C:\Users\Thorpehousehold\Documents\bbc_iplayer_desktop_v3010.air
    [2010/12/10 15:32:28 | 000,000,106 | ---- | M] () -- C:\Windows\wininit.ini
    [2010/12/10 13:13:36 | 000,001,081 | ---- | M] () -- C:\Users\Thorpehousehold\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2010/12/10 13:13:36 | 000,001,057 | ---- | M] () -- C:\Users\Thorpehousehold\Desktop\Spybot - Search & Destroy.lnk
    [2010/12/10 12:06:54 | 000,512,992 | ---- | M] () -- C:\Users\Thorpehousehold\Desktop\sdsetup[1].exe
    [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
    [2010/12/03 22:06:58 | 003,420,852 | ---- | M] () -- C:\Users\Thorpehousehold\Documents\James Jordan Through New Eyes.pdf
    [2010/12/03 13:44:05 | 000,007,894 | ---- | M] () -- C:\Users\Thorpehousehold\Documents\BudgetBrain.odt
    [2010/12/02 12:45:04 | 000,009,216 | ---- | M] () -- C:\Users\Thorpehousehold\Documents\Stewardship.doc
    [2010/12/01 21:28:40 | 000,039,661 | ---- | M] () -- C:\Users\Thorpehousehold\Documents\Theodore Roosevelt The Bible and The Life Of The People.pdf
    [1 C:\Users\Thorpehousehold\Documents\*.tmp files -> C:\Users\Thorpehousehold\Documents\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/12/29 11:08:50 | 102,903,039 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
    [2010/12/26 22:23:03 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
    [2010/12/26 22:23:00 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
    [2010/12/25 15:07:32 | 000,000,861 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
    [2010/12/24 10:56:56 | 000,001,994 | ---- | C] () -- C:\Users\Thorpehousehold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2X ApplicationServer Client.lnk
    [2010/12/24 10:03:44 | 000,000,972 | ---- | C] () -- C:\Users\Thorpehousehold\Desktop\AVG PC Tuneup 2011.lnk
    [2010/12/23 22:56:50 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
    [2010/12/23 22:38:25 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
    [2010/12/23 22:35:27 | 000,146,944 | ---- | C] () -- C:\Users\Thorpehousehold\Documents\Christmas Card List.doc
    [2010/12/23 17:23:48 | 000,000,456 | ---- | C] () -- C:\Users\Thorpehousehold\Desktop\Attach.zip
    [2010/12/23 17:01:59 | 000,000,915 | ---- | C] () -- C:\Users\Thorpehousehold\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2010/12/23 17:01:41 | 000,000,735 | ---- | C] () -- C:\Users\Thorpehousehold\Desktop\NTREGOPT.lnk
    [2010/12/23 17:01:41 | 000,000,716 | ---- | C] () -- C:\Users\Thorpehousehold\Desktop\ERUNT.lnk
    [2010/12/23 08:43:24 | 000,072,533 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
    [2010/12/20 11:18:20 | 000,025,088 | ---- | C] () -- C:\Users\Thorpehousehold\Documents\Family_Integrated_Worship[1].doc
    [2010/12/13 22:23:08 | 001,521,766 | ---- | C] () -- C:\Users\Thorpehousehold\Documents\bbc_iplayer_desktop_v3010.air
    [2010/12/10 16:00:54 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/12/10 15:32:28 | 000,000,106 | ---- | C] () -- C:\Windows\wininit.ini
    [2010/12/10 13:13:36 | 000,001,081 | ---- | C] () -- C:\Users\Thorpehousehold\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2010/12/10 13:13:36 | 000,001,057 | ---- | C] () -- C:\Users\Thorpehousehold\Desktop\Spybot - Search & Destroy.lnk
    [2010/12/10 11:40:10 | 002,206,802 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
    [2010/12/10 11:35:34 | 000,512,992 | ---- | C] () -- C:\Users\Thorpehousehold\Desktop\sdsetup[1].exe
    [2010/12/03 22:06:58 | 003,420,852 | ---- | C] () -- C:\Users\Thorpehousehold\Documents\James Jordan Through New Eyes.pdf
    [2010/12/03 13:44:03 | 000,007,894 | ---- | C] () -- C:\Users\Thorpehousehold\Documents\BudgetBrain.odt
    [2010/12/01 21:28:40 | 000,039,661 | ---- | C] () -- C:\Users\Thorpehousehold\Documents\Theodore Roosevelt The Bible and The Life Of The People.pdf
    [2010/06/17 15:17:24 | 000,176,235 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll
    [2010/05/23 19:00:09 | 000,001,188 | ---- | C] () -- C:\ProgramData\ss.ini
    [2010/04/03 08:44:30 | 000,000,680 | ---- | C] () -- C:\Users\Thorpehousehold\AppData\Local\d3d9caps.dat
    [2010/03/30 13:57:56 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
    [2010/03/05 13:53:18 | 000,010,574 | -HS- | C] () -- C:\Users\Thorpehousehold\AppData\Local\iRs2pG
    [2010/01/06 12:45:09 | 000,000,114 | ---- | C] () -- C:\Users\Thorpehousehold\AppData\Roaming\usertrusted.pes
    [2010/01/06 12:44:13 | 000,000,766 | ---- | C] () -- C:\Users\Thorpehousehold\AppData\Roaming\launcher.exe.ico
    [2009/10/29 18:21:04 | 000,024,085 | ---- | C] () -- C:\Users\Thorpehousehold\AppData\Roaming\UserTile.png
    [2009/10/21 20:38:03 | 000,000,031 | -H-- | C] () -- C:\Windows\UKCpInfo.sys
    [2009/09/12 06:29:16 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
    [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
    [2009/07/20 18:14:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009/07/18 23:54:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2009/06/06 14:50:40 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
    [2009/04/08 17:55:25 | 000,118,784 | ---- | C] () -- C:\Users\Thorpehousehold\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/04/08 10:23:54 | 000,000,271 | ---- | C] () -- C:\Windows\cdplayer.ini
    [2009/04/04 07:13:43 | 000,000,268 | RH-- | C] () -- C:\ProgramData\String Ensemble
    [2009/04/04 07:13:43 | 000,000,268 | RH-- | C] () -- C:\Users\Thorpehousehold\AppData\Roaming\Static Library
    [2009/04/04 07:13:43 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
    [2009/04/03 07:28:56 | 000,000,750 | ---- | C] () -- C:\Windows\{D084B1A9-153B-409D-AEBF-C40FCEF925EA}_WiseFW.ini
    [2009/04/02 08:59:24 | 000,008,248 | ---- | C] () -- C:\Users\Thorpehousehold\AppData\Local\en.ini
    [2009/03/31 15:55:02 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI
    [2009/03/31 15:50:59 | 000,007,680 | ---- | C] () -- C:\Windows\System32\CNMVS64.DLL
    [2009/03/31 15:26:23 | 000,000,416 | ---- | C] () -- C:\Windows\MAXLINK.INI
    [2009/03/05 23:17:05 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
    [2009/03/05 23:17:05 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
    [2009/03/05 23:17:05 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
    [2009/03/05 23:17:05 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
    [2009/03/05 23:17:03 | 000,876,544 | ---- | C] () -- C:\Windows\System32\TEACico2.dll
    [2008/02/11 18:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
    [2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 10:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:1D60AEC3
    @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:0B4227B4
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:CF2C26D2
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:DFC5A2B2

    < End of report >

    Thank you for your continued help. Sorry about delays in replying: family commitments and time difference here in
    the U.K.
  5. 2010-12-29, 22:19 #15
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Thank you for your continued help. Sorry about delays in replying: family commitments and time difference here in
    the U.K.
    Not a problem, live in the NE part of the US and have been shoveling snow for two days

    Looks like the fix took. Things should be running better now ??

    You have Malwarebytes installed, open it, check for updates and run the Quick Scan and post the log please.


    Then run this free online virus scanner and post the log also.

    Please run this free online virus scanner from ESET
    • Note: You will need to use Internet explorer for this scan
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the activex control to install
    • Click Start
    • Make sure that the option Remove found threats is ticked, and the option Scan unwanted applications is checked
    • Click Scan
    • Wait for the scan to finish
    • Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
    • Copy and paste that log as a reply to this topic
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  6. 2010-12-29, 22:54 #16
    verynicelily
    verynicelily is offline
    Junior Member
    Join Date
    Dec 2010
    Posts
    18

    Default Malwarebytes quick scan

    Yes, thank you, things seem to be working much better now. I will run the ESET scan and follow this with the log.

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 5419

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 9.0.7930.16406

    29/12/2010 21:46:20
    mbam-log-2010-12-29 (21-46-20).txt

    Scan type: Quick scan
    Objects scanned: 151316
    Time elapsed: 5 minute(s), 4 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 1
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    c:\Users\thorpehousehold\downloads\xvidsetup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
  7. 2010-12-30, 01:00 #17
    verynicelily
    verynicelily is offline
    Junior Member
    Join Date
    Dec 2010
    Posts
    18

    Default ESET log

    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner.ocx - registred OK
  8. 2010-12-30, 01:30 #18
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    You should be able to find the compete log here, only post it if it found threats.
    C:\Program Files\EsetOnlineScanner\log.txt

    How are things running now ?
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  9. 2010-12-30, 12:23 #19
    verynicelily
    verynicelily is offline
    Junior Member
    Join Date
    Dec 2010
    Posts
    18

    Default ESET scan

    Sorry, this is the only log I can find. I was rather disappointed myself, having waited about 2 hours for the scan results. Will run another scan and see what happens. Thanks for your patience.
  10. 2010-12-30, 13:00 #20
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    You can try this one in lew of ESET

    Please do a scan with Kaspersky Online Scanner
    • Click on the Accept button and install any components it needs.
    • The program will install and then begin downloading the latest definition files.
    • After the files have been downloaded on the left side of the page in the Scan section select My Computer.
    • This will start the program and scan your system.
    • The scan will take a while, so be patient and let it run. (At times it may appear to stall)
    • Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
      • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
      • Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.

    • Once the scan is complete, click on View scan report To obtain the report:
    • Click on: Save Report As
    • Next, in the Save as prompt, Save in area, select: Desktop
    • In the File name area, use KScan, or something similar In Save as type, click the drop arrow and select: Text file [*.txt]
    • Then, click: Save
    • Please post the Kaspersky Online Scanner Report in your reply.


    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules