
Thread: Click load

  1. #11
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Hi,

    I am seeing markers in your log for Rogers AV and also McAfee and Symantec. You should only have one AV; more than one is overkill and will severely hamper system performance and cause other issues. Which one do you want to keep?

    You have Ask Toolbar installed; you need to remove this via Add/Remove Programs in the Control Panel.

    * It promotes its toolbars on sites targeted at kids.
    * It promotes its toolbars through ads that appear to be part of other companies' sites.
    * It promotes its toolbars through other companies' spyware.
    * It is installed without any disclosure whatsoever and without any consent from the user whatsoever.
    * It solicits installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link.
    * It makes confusing changes to users' browsers - increasing Ask's revenues while taking users to pages they didn't intend to visit.

    Backup Your Registry with ERUNT:
    • Download erunt.zip to your Desktop from here:
      http://aumha.org/downloads/erunt.zip
    • Right-click erunt.zip, select Extract All... and follow the prompts to extract ERUNT to a new folder on your Desktop
    • Inside the new folder, double-click ERUNT.exe to start the program
    • OK all the prompts to back up your registry to the default location.
    Note: to restore your registry, go to the backup folder and start ERDNT.exe

    Open OTL.exe
    • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

      Code:
      :processes
      killallprocesses
      
      :OTL
      O2 - BHO: (no name) - {CCB3638E-35AB-45B3-A96F-8D45295CA9E2} - No CLSID value found.
      O2 - BHO: (no name) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - No CLSID value found.
      O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {5B327C15-C1B7-4D1F-A5B7-A2F5FFDF2881} - No CLSID value found.
      O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {5B327C15-C1B7-4D1F-A5B7-A2F5FFDF2881} - No CLSID value found.
      O3 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\..\Toolbar\ShellBrowser: (no name) - {5B327C15-C1B7-4D1F-A5B7-A2F5FFDF2881} - No CLSID value found.
      O3 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\..\Toolbar\WebBrowser: (no name) - {5B327C15-C1B7-4D1F-A5B7-A2F5FFDF2881} - No CLSID value found.
      
      
      :Services
      
      :Reg
      
      :Files
      ipconfig /release /c
      ipconfig /renew /c
      ipconfig /flushdns /c
      
      
      
      
      
      :Commands
      [purity]
      [resethosts]
      [emptytemp]
      [start explorer]
      [Reboot]
    • Then click the Run Fix button at the top. <--Not run Scan
    • Let the program run unhindered, reboot when it is done
    • Then post the results of the log it produces.
    • Then run a new scan and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
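
The two things the helper reads off the OTL log by eye in the post above (components from more than one antivirus product, and BHO/toolbar entries marked "No CLSID value found") can be checked with a short parser. This is an added example, not part of the original post and not code from OTL; the marker list, the function names and the sample lines (constructed, with placeholder CLSIDs) are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in the OTL scan-log format (PRC/SRV/DRV/O2/O3).
# The CLSIDs and the "Example" entries are placeholders, not real findings.
SAMPLE_LOG = r"""
PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe (Rogers)
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
SRV - (AppMgmt) -- File not found
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
DRV - (Trufos) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\trufos.sys (BitDefender S.R.L.)
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (ExampleDrv) Example Driver (x86) -- C:\WINDOWS\system32\drivers\example.sys (Example Corp.)
O2 - BHO: (Example Helper) - {AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE} - C:\Program Files\Example\helper.dll (Example Corp.)
O2 - BHO: (no name) - {11111111-2222-3333-4444-5555555555ab} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {11111111-2222-3333-4444-5555555555AB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - ExampleBar - No CLSID value found.
"""

# Assumed, illustrative marker list: (product label, lower-case substring).
# Order matters: files under the Rogers suite folder count as Rogers even when
# the company field names the bundled engine vendor.
AV_MARKERS = (
    ("Rogers Online Protection", "rogers online protection"),
    ("McAfee", "mcafee"),
    ("Symantec", "symantec"),
)

_ENTRY = re.compile(r"^(?P<kind>PRC|SRV|DRV) - (?P<body>.+)$")
_TAIL = re.compile(r"^(?P<path>.+?) \((?P<company>[^()]*)\)$")
_ORPHAN = re.compile(
    r"^(?P<kind>O2|O3) - (?P<where>.+?): \((?P<name>[^()]*)\) - "
    r"(?P<ident>.+?) - No CLSID value found\.$"
)


def loaded_components(log):
    """Yield (kind, path, company) for PRC/SRV/DRV lines that name a file."""
    for line in log.splitlines():
        m = _ENTRY.match(line.strip())
        if not m:
            continue
        # SRV/DRV lines put the file after " -- "; PRC lines hold only the file.
        target = m.group("body").rsplit(" -- ", 1)[-1]
        tail = _TAIL.match(target)
        if tail:  # "File not found" has no "(company)" suffix and is skipped
            yield m.group("kind"), tail.group("path"), tail.group("company").strip()


def av_products(log, markers=AV_MARKERS):
    """Map each antivirus product seen in the log to its (kind, path) entries."""
    found = defaultdict(list)
    for kind, path, company in loaded_components(log):
        haystack = f"{path} {company}".lower()
        for product, needle in markers:
            if needle in haystack:
                found[product].append((kind, path))
                break  # first marker wins, so each file is counted once
    return dict(found)


def orphaned_entries(log):
    """Map each unresolved BHO/toolbar identifier to the places it appears."""
    orphans = defaultdict(list)
    for line in log.splitlines():
        m = _ORPHAN.match(line.strip())
        if not m:
            continue
        ident = m.group("ident")
        if ident.startswith("{"):
            ident = ident.upper()  # GUIDs are case-insensitive; names are kept
        orphans[ident].append(f'{m.group("kind")} {m.group("where")}')
    return dict(orphans)


def triage(log):
    """Summarise both checks for a single scan log."""
    products = av_products(log)
    return {
        "av_products": sorted(products),
        "multiple_av": len(products) > 1,
        "orphaned": orphaned_entries(log),
    }


if __name__ == "__main__":
    summary = triage(SAMPLE_LOG)
    print("AV products with components present:", ", ".join(summary["av_products"]))
    if summary["multiple_av"]:
        print("More than one AV product has components in this log.")
    for ident, places in summary["orphaned"].items():
        print(f"Unresolved entry {ident}: {'; '.join(places)}")
```
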

  2. #12
    Member
    Join Date
    Apr 2011
    Posts
    40

    All processes killed
    ========== PROCESSES ==========
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB3638E-35AB-45B3-A96F-8D45295CA9E2}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCB3638E-35AB-45B3-A96F-8D45295CA9E2}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}\ not found.
    Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5B327C15-C1B7-4D1F-A5B7-A2F5FFDF2881} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5B327C15-C1B7-4D1F-A5B7-A2F5FFDF2881}\ not found.
    Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5B327C15-C1B7-4D1F-A5B7-A2F5FFDF2881} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5B327C15-C1B7-4D1F-A5B7-A2F5FFDF2881}\ not found.
    Registry value HKEY_USERS\S-1-5-21-1868238242-3347771443-3143855081-1010\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{5B327C15-C1B7-4D1F-A5B7-A2F5FFDF2881} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5B327C15-C1B7-4D1F-A5B7-A2F5FFDF2881}\ not found.
    Registry value HKEY_USERS\S-1-5-21-1868238242-3347771443-3143855081-1010\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5B327C15-C1B7-4D1F-A5B7-A2F5FFDF2881} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5B327C15-C1B7-4D1F-A5B7-A2F5FFDF2881}\ not found.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    < ipconfig /release /c >
    Windows IP Configuration
    Ethernet adapter Local Area Connection:
    Connection-specific DNS Suffix . :
    IP Address. . . . . . . . . . . . : 0.0.0.0
    Subnet Mask . . . . . . . . . . . : 0.0.0.0
    Default Gateway . . . . . . . . . :
    C:\Documents and Settings\isabella\My Documents\Downloads\cmd.bat deleted successfully.
    C:\Documents and Settings\isabella\My Documents\Downloads\cmd.txt deleted successfully.
    < ipconfig /renew /c >
    Windows IP Configuration
    Ethernet adapter Local Area Connection:
    Connection-specific DNS Suffix . :
    IP Address. . . . . . . . . . . . : 192.168.0.104
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.0.1
    C:\Documents and Settings\isabella\My Documents\Downloads\cmd.bat deleted successfully.
    C:\Documents and Settings\isabella\My Documents\Downloads\cmd.txt deleted successfully.
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Could not flush the DNS Resolver Cache: Function failed during execution.
    C:\Documents and Settings\isabella\My Documents\Downloads\cmd.bat deleted successfully.
    C:\Documents and Settings\isabella\My Documents\Downloads\cmd.txt deleted successfully.
    ========== COMMANDS ==========
    C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: ALICIA
    ->Temp folder emptied: 36904 bytes
    ->Temporary Internet Files folder emptied: 2782343 bytes
    ->Java cache emptied: 87066570 bytes
    ->FireFox cache emptied: 109307290 bytes
    ->Flash cache emptied: 25826 bytes

    User: All Users

    User: Damien Lis
    ->Temp folder emptied: 12006149 bytes
    ->Temporary Internet Files folder emptied: 7140201 bytes
    ->Java cache emptied: 64195810 bytes
    ->FireFox cache emptied: 47073487 bytes
    ->Flash cache emptied: 25845 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: isabella
    ->Temp folder emptied: 7437352 bytes
    ->Temporary Internet Files folder emptied: 198938 bytes
    ->Java cache emptied: 2571672 bytes
    ->FireFox cache emptied: 54364946 bytes
    ->Flash cache emptied: 1238337 bytes

    User: LocalService
    ->Temp folder emptied: 67529 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->FireFox cache emptied: 0 bytes
    ->Flash cache emptied: 405 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->Flash cache emptied: 2806 bytes

    User: ROBERT
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 495153 bytes
    ->Java cache emptied: 177231 bytes
    ->Flash cache emptied: 15243 bytes

    User: Robert.HOME
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 8190222 bytes
    ->FireFox cache emptied: 109597429 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 2325617 bytes
    %systemroot%\System32 .tmp files removed: 6701073 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 62240481 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 104481764 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 300299 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 658.00 mb


    OTL by OldTimer - Version 3.2.22.3 log created on 04202011_201953

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...

  3. #13
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Run OTL Scan and post a new log please and advise me on your Antivirus programs

    ESET Online Scanner
    I'd like us to scan your machine with ESET OnlineScan

    *Note
    It is recommended to disable your onboard antivirus and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
    Please don't go surfing while your resident protection is disabled!
    Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



    1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESET OnlineScan
    2. Click the button.
    3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      1. Click on to download the ESET Smart Installer. Save it to your desktop.
      2. Double click on the icon on your desktop.
    4. Check
    5. Click the button.
    6. Accept any security warnings from your browser.
    7. Check
    8. Make sure that the option "Remove found threats" is Unchecked
    9. Push the Start button.
    10. ESET will then download updates for itself, install itself, and begin
      scanning your computer. Please be patient as this can take some time.
    11. When the scan completes, push
    12. Push , and save the file to your desktop using a unique name, such as
      ESETScan. Include the contents of this report in your next reply.
    13. Push the button.
    14. Push
    Please make sure you include the following items in your next post:
    The log that was produced after running ESET Online Scanner.

  4. #14
    Member
    Join Date
    Apr 2011
    Posts
    40

    Ken, I would like to keep the Rogers AV.

  5. #15
    Member
    Join Date
    Apr 2011
    Posts
    40

    Ken,
    ESET came back with no threats found..? So no log was produced.
    I will run it again just in case I messed up.
    I looked for the Ask toolbar to try to remove it, and could not find it..?
    Thanks so much for all your help.

  6. #16
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Good Morning,

    Go ahead and run a new scan with OTL ( not the fix ) and post a new log

  7. #17
    Member
    Join Date
    Apr 2011
    Posts
    40

    OTL logfile created on: 4/21/2011 4:32:24 PM - Run 3
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\isabella\My Documents\Downloads
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 70.00% Memory free
    3.00 Gb Paging File | 3.00 Gb Available in Paging File | 81.00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 71.44 Gb Total Space | 36.28 Gb Free Space | 50.78% Space Free | Partition Type: NTFS

    Computer Name: HOME | User Name: isabella | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\isabella\My Documents\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe (Radialpoint Inc.)
    PRC - C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe (Rogers)
    PRC - C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgentComHandler.exe (Radialpoint Inc.)
    PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe (Rogers)
    PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe (Rogers)
    PRC - C:\Program Files\Rogers Backup Manager\VaultClientUpgrade.exe (Radialpoint SafeCare Inc.)
    PRC - C:\Program Files\Rogers Backup Manager\VaultClientSRV.exe (Radialpoint SafeCare Inc.)
    PRC - C:\Program Files\Rogers\SelfHealing\RogersSelfHelpService.exe (Rogers Cable Communications)
    PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
    PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Pure Networks, Inc.)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    PRC - C:\Program Files\Sony\SonicStage\SSAAD.exe ()


    ========== Modules (SafeList) ==========

    MOD - C:\Documents and Settings\isabella\My Documents\Downloads\OTL.exe (OldTimer Tools)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (TrackMSN) -- File not found
    SRV - (Hoopaasend) -- File not found
    SRV - (AppMgmt) -- File not found
    SRV - (a2free) -- File not found
    SRV - (ServicepointService) -- C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe (Radialpoint Inc.)
    SRV - (scan) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\scan.dll (S.C. BitDefender S.R.L)
    SRV - (Radialpoint Security Services) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe (Rogers)
    SRV - (RP_FWS) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe (Rogers)
    SRV - (VaultClientUpgrade) -- C:\Program Files\Rogers Backup Manager\VaultClientUpgrade.exe (Radialpoint SafeCare Inc.)
    SRV - (VaultClientSRV) -- C:\Program Files\Rogers Backup Manager\VaultClientSRV.exe (Radialpoint SafeCare Inc.)
    SRV - (RogersSelfHelpService) -- C:\Program Files\Rogers\SelfHealing\RogersSelfHelpService.exe (Rogers Cable Communications)
    SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
    SRV - (RadialpointIDSAgent) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
    SRV - (PDEngine) -- C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe (Raxco Software, Inc.)
    SRV - (PDAgent) -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe (Raxco Software, Inc.)
    SRV - (nmraapache) -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe (Pure Networks, Inc.)
    SRV - (nmservice) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Pure Networks, Inc.)
    SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
    SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
    SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
    SRV - (SSScsiSV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (RPSKT) Security Services Driver (x86) -- C:\WINDOWS\system32\drivers\rp_skt32.sys (Radialpoint Inc.)
    DRV - (Trufos) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\trufos.sys (BitDefender S.R.L.)
    DRV - (Profos) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\profos.sys (BitDefender S.R.L.)
    DRV - (RadialpointIDSDriver) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys (AVG Technologies )
    DRV - (RadialpointIDSFilter) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSfilter.sys (AVG Technologies )
    DRV - (RadialpointIDSShim) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSShim.sys (AVG Technologies )
    DRV - (RadialpointIDSEH) -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys (AVG Technologies )
    DRV - (bdfsfltr) -- C:\WINDOWS\system32\drivers\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA)
    DRV - (DefragFS) -- C:\WINDOWS\System32\drivers\DefragFs.sys (Raxco Software, Inc.)
    DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
    DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
    DRV - (pnarp) -- C:\WINDOWS\system32\drivers\pnarp.sys (Pure Networks, Inc.)
    DRV - (purendis) -- C:\WINDOWS\system32\drivers\purendis.sys (Pure Networks, Inc.)
    DRV - (AX88772) -- C:\WINDOWS\system32\drivers\ax88772.sys (ASIX Electronics Corp.)
    DRV - (DSproct) -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys (GTek Technologies Ltd.)
    DRV - (RT25USBAP) -- C:\WINDOWS\system32\drivers\RT25USBAP.SYS (Ralink Technology Inc.)
    DRV - (senfilt) -- C:\WINDOWS\system32\drivers\senfilt.sys (Creative Technology Ltd.)
    DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
    DRV - (SDDMI2) -- C:\WINDOWS\system32\DDMI2.sys (Gteko Ltd.)
    DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
    DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
    DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
    DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
    DRV - (omci) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Computer Corporation)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://ca.red.clientapps.yahoo.com/c...search/ie.html
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.ca/myway
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.ca/myway
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com...r/fix_homepage

    IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com...r/fix_homepage

    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.ca/myway
    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://rogers.my.yahoo.com/
    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Google"
    FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
    FF - prefs.js..browser.startup.homepage: "http://ca.my.yahoo.com/"
    FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.5.2
    FF - prefs.js..extensions.enabledItems: pl@dictionaries.addons.mozilla.org:1.0.20100911
    FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?mkt=en-CA&FORM=MIMWA1&q="

    FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/20 17:22:46 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/23 23:31:32 | 000,000,000 | ---D | M]

    [2009/05/16 12:45:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\isabella\Application Data\Mozilla\Extensions
    [2009/05/16 12:45:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\isabella\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2011/04/15 22:15:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\isabella\Application Data\Mozilla\Firefox\Profiles\oelpujiv.default\extensions
    [2009/09/01 22:52:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\isabella\Application Data\Mozilla\Firefox\Profiles\oelpujiv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/03/24 11:07:26 | 000,000,000 | ---D | M] (Polski slownik poprawnej pisowni) -- C:\Documents and Settings\isabella\Application Data\Mozilla\Firefox\Profiles\oelpujiv.default\extensions\pl@dictionaries.addons.mozilla.org
    [2011/03/23 23:31:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    File not found (No name found) --
    () (No name found) -- C:\DOCUMENTS AND SETTINGS\ISABELLA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\OELPUJIV.DEFAULT\EXTENSIONS\AUTOFILLFORMS@BLUEIMP.NET.XPI
    [2011/03/18 13:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
    [2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

    O1 HOSTS File: ([2011/04/20 20:20:05 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
    O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (UberButton Class) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo!)
    O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
    O2 - BHO: (YahooTaggedBM Class) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll (Yahoo! Inc.)
    O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (no name) - {CCB3638E-35AB-45B3-A96F-8D45295CA9E2} - No CLSID value found.
    O2 - BHO: (no name) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - No CLSID value found.
    O2 - BHO: (SidebarAutoLaunch Class) - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll (Yahoo! Inc.)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
    O3 - HKLM\..\Toolbar: (no name) - SITEguard - No CLSID value found.
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
    O3 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-89B3-BE29F5D3E32D} - No CLSID value found.
    O3 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
    O4 - HKLM..\Run: [Rogers SHS] C:\Program Files\Rogers\SelfHealing\shs.exe (Rogers Cable Communications Inc.)
    O4 - HKLM..\Run: [RogersServicepointAgent.exe] C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe (Rogers)
    O4 - HKLM..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe ()
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe ()
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O7 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_13.dll (Sun Microsystems, Inc.)
    O9 - Extra Button: Rogers Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo!)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/...oUploader5.cab (Facebook Photo Uploader 5)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub...irector/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?LinkID=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.srtest.com/srl_bin/sysreqlab3.cab (System Requirements Lab Class)
    O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/get...irector/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll (Installation Support)
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmart.com/WalmartActivia.cab (Snapfish Activia)
    O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} http://aol.powerchallenge.com/applet/PowerLoader.cab (PowerLoader Class)
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab (MSN Photo Upload Tool)
    O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebook.com/controls/...oUploader3.cab (Facebook Photo Uploader 4 Control)
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/EN-US/.../GAME_UNO1.cab (UnoCtrl Class)
    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebook.com/controls/...toUploader.cab (Facebook Photo Uploader Control)
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.systemrequirementslab.com/sysreqlab2.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_13)
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary...t.cab31267.cab (MessengerStatsClient Class)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} http://cdn1.acclaimdownloads.com/solidstateion.cab (CSolidBrowserObj Object)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary...t.cab56907.cab (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_13)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_13)
    O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} http://gamedownload.ijjimax.com/game...Plugin9USA.cab (HGPlugin9USA Class)
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} https://www-secure.symantec.com/tech...l/SymAData.cab (Reg Error: Key error.)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://download.macromedia.com/pub/...sh/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} http://walmart.pnimedia.com/upload/a...pv2.0.0.9.cab? (Photo Upload Plugin Class)
    O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} http://walmart.pnimedia.com/upload/a...v2.0.0.10.cab? (Photo Upload Plugin Class)
    O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Pure Networks, Inc.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\isabella\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\isabella\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2005/02/23 15:39:12 | 000,000,398 | ---- | M] () - C:\AUTOEXEC.UP -- [ NTFS ]
    O34 - HKLM BootExecute: (PDBoot.exe) - C:\WINDOWS\System32\PDBoot.exe (Raxco Software, Inc.)
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/04/20 21:16:59 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2011/04/20 20:19:53 | 000,000,000 | ---D | C] -- C:\_OTL
    [2011/04/20 16:57:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\isabella\Application Data\Malwarebytes
    [2011/04/20 16:57:23 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011/04/20 16:57:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011/04/20 16:57:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011/04/20 16:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/04/19 22:51:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2011/04/19 20:29:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\isabella\Local Settings\Application Data\PCHealth
    [2011/04/19 19:29:54 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\isabella\IECompatCache
    [2011/04/18 19:25:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\AdobeUM
    [2011/04/18 19:25:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
    [2011/04/18 19:24:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
    [2011/04/17 22:45:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2011/04/17 22:44:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
    [2011/04/17 22:44:42 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
    [2011/04/16 22:44:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
    [2011/04/16 22:43:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    [2011/04/15 22:00:01 | 000,000,000 | ---D | C] -- C:\Rogers Online Protection
    [2011/04/15 21:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\isabella\Application Data\QuickScan
    [2011/04/13 05:43:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
    [2011/04/13 05:43:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
    [2011/04/12 21:39:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
    [2011/04/12 21:39:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
    [2007/08/24 20:12:17 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
    [2005/08/31 19:56:14 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
    [1 C:\Documents and Settings\isabella\My Documents\*.tmp files -> C:\Documents and Settings\isabella\My Documents\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/04/21 06:41:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/04/21 06:41:32 | 2682,408,960 | -HS- | M] () -- C:\hiberfil.sys
    [2011/04/20 21:53:37 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/04/20 21:13:29 | 000,000,494 | ---- | M] () -- C:\WINDOWS\dellstat.ini
    [2011/04/20 20:20:05 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
    [2011/04/20 20:13:44 | 000,157,696 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\ERUNT.EXE
    [2011/04/20 20:13:44 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\AUTOBACK.EXE
    [2011/04/20 20:13:40 | 000,163,328 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\ERDNT.E_E
    [2011/04/20 20:13:40 | 000,140,288 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\NTREGOPT.EXE
    [2011/04/20 20:13:40 | 000,005,417 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\LOC_GER.ZIP
    [2011/04/20 20:13:40 | 000,004,090 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\ERUNT.LOC
    [2011/04/20 20:13:40 | 000,003,275 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\ERDNTWIN.LOC
    [2011/04/20 20:13:40 | 000,002,815 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\ERDNTDOS.LOC
    [2011/04/20 20:13:40 | 000,001,960 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\NTREGOPT.LOC
    [2011/04/20 20:13:13 | 000,000,586 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\Shortcut to erunt.lnk
    [2011/04/20 16:57:24 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/04/20 16:28:11 | 000,135,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011/04/19 22:59:39 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2011/04/19 22:54:49 | 000,442,894 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011/04/19 22:54:49 | 000,072,160 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2011/04/19 21:08:40 | 000,002,307 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\Microsoft Word.lnk
    [2011/04/19 20:36:50 | 001,377,112 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\isabella\Desktop\TDSSKiller.exe
    [2011/04/17 22:56:28 | 000,001,558 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\Attach.zip
    [2011/04/17 22:44:44 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\ERUNT.lnk
    [2011/04/17 22:43:28 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\Shortcut to erunt-setup.lnk
    [2011/04/16 22:44:32 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\isabella\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2011/04/16 22:44:32 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\Spybot - Search & Destroy.lnk
    [2011/04/15 17:17:39 | 000,002,397 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\Network Magic.lnk
    [2011/03/23 23:31:50 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\isabella\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2011/03/23 23:31:50 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2011/03/23 12:00:00 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\Schedule Task Weekly.job
    [1 C:\Documents and Settings\isabella\My Documents\*.tmp files -> C:\Documents and Settings\isabella\My Documents\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/04/20 20:13:13 | 000,000,586 | ---- | C] () -- C:\Documents and Settings\isabella\Desktop\Shortcut to erunt.lnk
    [2011/04/20 16:57:24 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/04/17 22:56:28 | 000,001,558 | ---- | C] () -- C:\Documents and Settings\isabella\Desktop\Attach.zip
    [2011/04/17 22:44:44 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\isabella\Desktop\ERUNT.lnk
    [2011/04/17 22:43:28 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\isabella\Desktop\Shortcut to erunt-setup.lnk
    [2011/04/17 21:38:12 | 2682,408,960 | -HS- | C] () -- C:\hiberfil.sys
    [2011/04/16 22:44:32 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\isabella\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2011/04/16 22:44:32 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\isabella\Desktop\Spybot - Search & Destroy.lnk
    [2011/03/23 23:31:50 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
    [2011/03/23 23:31:50 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2010/07/31 06:23:09 | 002,205,064 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\shs_setup_4059-354328.exe
    [2009/11/08 14:02:05 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2009/10/21 15:20:08 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen_x86.sys
    [2009/06/03 19:04:27 | 001,900,184 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\shs_setup_4056-345359.exe
    [2009/04/30 18:55:13 | 063,850,784 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
    [2009/04/30 18:55:13 | 004,957,984 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
    [2009/03/22 20:42:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
    [2008/11/21 17:44:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
    [2008/08/10 15:21:58 | 000,000,048 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
    [2008/07/25 17:36:31 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\SHSupdates.xml
    [2008/07/08 15:53:47 | 000,099,965 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
    [2008/06/03 21:05:12 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\isabella\Local Settings\Application Data\fusioncache.dat
    [2008/05/22 16:22:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ppsrc.ini
    [2008/04/03 17:09:40 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\isabella\Application Data\FrontEndCD.ini
    [2008/03/21 16:30:08 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2007/11/30 10:36:35 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
    [2007/10/17 11:17:52 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
    [2007/09/08 17:17:06 | 000,000,013 | ---- | C] () -- C:\WINDOWS\msgtn.ini
    [2007/04/08 22:17:32 | 000,000,052 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
    [2006/09/02 22:11:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
    [2006/09/02 21:16:13 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
    [2006/09/02 21:16:12 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
    [2006/09/02 21:16:12 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
    [2006/09/02 21:16:12 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
    [2006/09/02 21:16:12 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
    [2006/09/02 21:16:12 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
    [2006/09/02 21:16:12 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
    [2006/09/02 21:16:12 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
    [2006/09/02 21:16:12 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
    [2006/09/02 21:16:12 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
    [2006/09/02 21:16:12 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
    [2006/09/02 21:16:12 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
    [2006/09/02 21:16:12 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
    [2006/09/02 21:16:12 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
    [2006/09/02 21:16:12 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
    [2006/09/02 21:16:12 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
    [2006/09/02 21:16:12 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
    [2006/09/02 21:16:12 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
    [2006/09/02 21:16:12 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
    [2006/07/14 15:35:46 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\WBCustomizer.dll
    [2006/06/29 18:19:26 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\id3vx_ocx.dll
    [2006/03/04 17:56:27 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
    [2006/03/04 17:51:51 | 000,000,706 | ---- | C] () -- C:\WINDOWS\EReg220.dat
    [2005/12/31 15:19:08 | 001,097,728 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
    [2005/12/31 15:13:14 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
    [2005/12/26 22:47:27 | 000,001,521 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
    [2005/11/17 16:58:27 | 000,000,627 | ---- | C] () -- C:\WINDOWS\eReg.dat
    [2005/11/16 18:45:12 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
    [2005/11/05 19:34:50 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\Lame.exe
    [2005/10/07 19:07:57 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\isabella\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2005/10/03 22:04:06 | 000,002,930 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
    [2005/09/25 17:47:51 | 000,004,376 | ---- | C] () -- C:\WINDOWS\mozver.dat
    [2005/09/25 17:45:25 | 000,000,494 | ---- | C] () -- C:\WINDOWS\dellstat.ini
    [2005/09/25 10:54:15 | 000,000,368 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
    [2005/09/10 11:30:45 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2005/09/10 11:07:21 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2005/08/31 20:30:29 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2005/08/31 20:20:33 | 000,000,818 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2005/08/31 20:14:44 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2005/08/31 19:56:30 | 000,000,017 | ---- | C] () -- C:\WINDOWS\System32\drivers\DVEMODEM.DAT
    [2005/08/31 19:56:18 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
    [2005/08/31 19:56:14 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
    [2005/08/31 19:56:14 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
    [2005/08/31 19:56:06 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
    [2005/08/31 19:55:56 | 000,000,375 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2005/08/31 12:43:32 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
    [2005/01/28 09:08:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
    [2004/08/10 14:12:05 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2004/08/10 14:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2004/08/10 14:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2004/08/10 14:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2004/08/10 13:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2004/08/10 13:57:15 | 000,135,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2004/08/10 13:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2004/08/10 13:51:20 | 000,442,894 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2004/08/10 13:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2004/08/10 13:51:20 | 000,072,160 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2004/08/10 13:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2004/08/10 13:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2004/08/10 13:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2004/08/10 13:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2004/08/10 13:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2004/08/10 13:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2004/08/10 13:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2004/08/10 13:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2004/02/10 16:08:00 | 000,000,373 | ---- | C] () -- C:\WINDOWS\System32\dlbccoin.ini
    [2003/05/07 02:11:58 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
    [2002/11/13 16:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbcvs.dll
    [2002/06/06 01:01:58 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\asutl8.dll
    [2002/01/14 22:36:28 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\MP2enc.dll
    [2001/10/24 17:00:40 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
    [1999/01/22 14:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

    ========== LOP Check ==========

    [2010/11/19 17:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALICIA\Application Data\advantage
    [2009/03/22 18:46:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALICIA\Application Data\PPStream
    [2010/11/12 23:33:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALICIA\Application Data\Rogers Online Protection
    [2005/08/31 20:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
    [2008/02/23 21:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eboostr
    [2007/06/03 19:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
    [2005/11/16 19:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NFS Underground Demo
    [2007/09/22 14:04:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Outspark
    [2007/01/05 21:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pixelStorm
    [2010/11/12 22:31:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
    [2010/11/12 23:33:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rogers Online Protection
    [2009/05/09 18:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
    [2009/04/17 21:17:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TDK
    [2008/05/09 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania
    [2007/09/15 19:11:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2009/12/26 22:36:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2009/04/11 00:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damien Lis\Application Data\Anvil Studio
    [2009/06/28 13:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damien Lis\Application Data\gtk-2.0
    [2009/07/18 09:47:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damien Lis\Application Data\LimeWire
    [2009/03/21 09:28:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damien Lis\Application Data\PPStream
    [2010/11/12 23:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damien Lis\Application Data\Rogers Online Protection
    [2009/03/22 18:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damien Lis\Application Data\SystemRequirementsLab
    [2009/04/26 20:38:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damien Lis\Application Data\uTorrent
    [2007/05/09 21:57:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\Gadu-Gadu
    [2005/09/29 18:38:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\Leadertech
    [2009/12/28 15:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\LimeWire
    [2010/08/24 23:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\MSNInstaller
    [2005/10/22 22:41:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\Musicmatch
    [2006/09/02 21:22:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\Panasonic
    [2009/08/03 22:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\PPStream
    [2011/04/15 21:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\QuickScan
    [2010/11/12 23:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\Rogers Online Protection
    [2007/02/19 20:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\Snapfish
    [2009/03/10 18:25:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\SystemRequirementsLab
    [2011/03/05 16:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\Unity
    [2005/09/10 14:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ROBERT\Application Data\Leadertech
    [2005/10/04 17:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ROBERT\Application Data\MSNInstaller
    [2011/03/23 12:00:00 | 000,000,400 | ---- | M] () -- C:\WINDOWS\Tasks\Schedule Task Weekly.job

    ========== Purity Check ==========



    < End of report >

  8. #18
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Let me give you a heads up on these programs, as part of our service, besides removing malware, is to help you stay clean in the future. If you were sitting in my seat and dealing with all the latest threats, you would rethink your surfing habits.

    LimeWire
    BitTorrent

    Any form of file sharing is dangerous: you're downloading that file from an unknown source, and not all but most contain malware. It's like playing Russian Roulette malwarewise. Doing what I do and knowing what I know, I would no way, no how ever allow any type of file sharing on any of my systems.

    Why don't you do this: both Symantec and McAfee have removal tools for their products. Run these and then post a new OTL log.


    Norton Removal Tool
    http://service1.symantec.com/SUPPORT...05033108162039

    McAfee Removal Tool
    http://majorgeeks.com/McAfee_Consume...ool_d5420.html
    http://service.mcafee.com/FAQDocument.aspx?id=TS100507
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  9. #19
    Member
    Join Date
    Apr 2011
    Posts
    40

    Ken...
    Those 2 sharing programs were installed by my son... I thought that I uninstalled them long ago, so why do they still show up on the logs??
    Same with the Ask toolbar, I cannot find it in the add remove list to remove?
    I am sorry, I ran the OTL log, noticed the other AVs and uninstalled them before you provided the links; I just did it through the remove program..?

  10. #20
    Member
    Join Date
    Apr 2011
    Posts
    40

    Please ignore my previous post, I figured out the removal part.
    Here is the new log:

    OTL logfile created on: 4/21/2011 7:13:30 PM - Run 4
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\isabella\My Documents\Downloads
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 79.00% Memory free
    3.00 Gb Paging File | 3.00 Gb Available in Paging File | 89.00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 71.44 Gb Total Space | 37.22 Gb Free Space | 52.09% Space Free | Partition Type: NTFS

    Computer Name: HOME | User Name: isabella | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\isabella\My Documents\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe (Radialpoint Inc.)
    PRC - C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe (Rogers)
    PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\RPS.exe (Rogers)
    PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe (Rogers)
    PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe (Rogers)
    PRC - C:\Program Files\Rogers Backup Manager\VaultClientUpgrade.exe (Radialpoint SafeCare Inc.)
    PRC - C:\Program Files\Rogers Backup Manager\VaultClientSRV.exe (Radialpoint SafeCare Inc.)
    PRC - C:\Program Files\Rogers\SelfHealing\RogersSelfHelpService.exe (Rogers Cable Communications)
    PRC - C:\Program Files\Rogers\SelfHealing\shs.exe (Rogers Cable Communications Inc.)
    PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Pure Networks, Inc.)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    PRC - C:\Program Files\Sony\SonicStage\SSAAD.exe ()


    ========== Modules (SafeList) ==========

    MOD - C:\Documents and Settings\isabella\My Documents\Downloads\OTL.exe (OldTimer Tools)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (TrackMSN) -- File not found
    SRV - (Hoopaasend) -- File not found
    SRV - (AppMgmt) -- File not found
    SRV - (a2free) -- File not found
    SRV - (ServicepointService) -- C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe (Radialpoint Inc.)
    SRV - (scan) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\scan.dll (S.C. BitDefender S.R.L)
    SRV - (Radialpoint Security Services) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe (Rogers)
    SRV - (RP_FWS) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe (Rogers)
    SRV - (VaultClientUpgrade) -- C:\Program Files\Rogers Backup Manager\VaultClientUpgrade.exe (Radialpoint SafeCare Inc.)
    SRV - (VaultClientSRV) -- C:\Program Files\Rogers Backup Manager\VaultClientSRV.exe (Radialpoint SafeCare Inc.)
    SRV - (RogersSelfHelpService) -- C:\Program Files\Rogers\SelfHealing\RogersSelfHelpService.exe (Rogers Cable Communications)
    SRV - (RadialpointIDSAgent) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
    SRV - (PDEngine) -- C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe (Raxco Software, Inc.)
    SRV - (PDAgent) -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe (Raxco Software, Inc.)
    SRV - (nmraapache) -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe (Pure Networks, Inc.)
    SRV - (nmservice) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Pure Networks, Inc.)
    SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
    SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
    SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
    SRV - (SSScsiSV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (RPSKT) Security Services Driver (x86) -- C:\WINDOWS\system32\drivers\rp_skt32.sys (Radialpoint Inc.)
    DRV - (Trufos) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\trufos.sys (BitDefender S.R.L.)
    DRV - (Profos) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\profos.sys (BitDefender S.R.L.)
    DRV - (RadialpointIDSDriver) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys (AVG Technologies )
    DRV - (RadialpointIDSFilter) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSfilter.sys (AVG Technologies )
    DRV - (RadialpointIDSShim) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSShim.sys (AVG Technologies )
    DRV - (RadialpointIDSEH) -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys (AVG Technologies )
    DRV - (bdfsfltr) -- C:\WINDOWS\system32\drivers\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA)
    DRV - (DefragFS) -- C:\WINDOWS\System32\drivers\DefragFs.sys (Raxco Software, Inc.)
    DRV - (pnarp) -- C:\WINDOWS\system32\drivers\pnarp.sys (Pure Networks, Inc.)
    DRV - (purendis) -- C:\WINDOWS\system32\drivers\purendis.sys (Pure Networks, Inc.)
    DRV - (AX88772) -- C:\WINDOWS\system32\drivers\ax88772.sys (ASIX Electronics Corp.)
    DRV - (DSproct) -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys (GTek Technologies Ltd.)
    DRV - (RT25USBAP) -- C:\WINDOWS\system32\drivers\RT25USBAP.SYS (Ralink Technology Inc.)
    DRV - (senfilt) -- C:\WINDOWS\system32\drivers\senfilt.sys (Creative Technology Ltd.)
    DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
    DRV - (SDDMI2) -- C:\WINDOWS\system32\DDMI2.sys (Gteko Ltd.)
    DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
    DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
    DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
    DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
    DRV - (omci) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Computer Corporation)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://ca.red.clientapps.yahoo.com/c...search/ie.html
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.ca/myway
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.ca/myway
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com...r/fix_homepage

    IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com...r/fix_homepage

    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.ca/myway
    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://rogers.my.yahoo.com/
    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Google"
    FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
    FF - prefs.js..browser.startup.homepage: "http://ca.my.yahoo.com/"
    FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.5.2
    FF - prefs.js..extensions.enabledItems: pl@dictionaries.addons.mozilla.org:1.0.20100911
    FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?mkt=en-CA&FORM=MIMWA1&q="

    FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/20 17:22:46 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/23 23:31:32 | 000,000,000 | ---D | M]

    [2009/05/16 12:45:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\isabella\Application Data\Mozilla\Extensions
    [2009/05/16 12:45:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\isabella\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2011/04/15 22:15:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\isabella\Application Data\Mozilla\Firefox\Profiles\oelpujiv.default\extensions
    [2009/09/01 22:52:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\isabella\Application Data\Mozilla\Firefox\Profiles\oelpujiv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/03/24 11:07:26 | 000,000,000 | ---D | M] (Polski slownik poprawnej pisowni) -- C:\Documents and Settings\isabella\Application Data\Mozilla\Firefox\Profiles\oelpujiv.default\extensions\pl@dictionaries.addons.mozilla.org
    [2011/03/23 23:31:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    File not found (No name found) --
    () (No name found) -- C:\DOCUMENTS AND SETTINGS\ISABELLA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\OELPUJIV.DEFAULT\EXTENSIONS\AUTOFILLFORMS@BLUEIMP.NET.XPI
    [2011/03/18 13:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
    [2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

    O1 HOSTS File: ([2011/04/20 20:20:05 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
    O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (UberButton Class) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo!)
    O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
    O2 - BHO: (YahooTaggedBM Class) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll (Yahoo! Inc.)
    O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (no name) - {CCB3638E-35AB-45B3-A96F-8D45295CA9E2} - No CLSID value found.
    O2 - BHO: (no name) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - No CLSID value found.
    O2 - BHO: (SidebarAutoLaunch Class) - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll (Yahoo! Inc.)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
    O3 - HKLM\..\Toolbar: (no name) - SITEguard - No CLSID value found.
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
    O3 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-89B3-BE29F5D3E32D} - No CLSID value found.
    O3 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
    O4 - HKLM..\Run: [Rogers SHS] C:\Program Files\Rogers\SelfHealing\shs.exe (Rogers Cable Communications Inc.)
    O4 - HKLM..\Run: [RogersServicepointAgent.exe] C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe (Rogers)
    O4 - HKLM..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe ()
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010..\Run: [2A9F750FA284E740] C:\AVG.bin\AVG.bin.exe (BitDefender S.R.L.)
    O4 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O7 - HKU\S-1-5-21-1868238242-3347771443-3143855081-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_13.dll (Sun Microsystems, Inc.)
    O9 - Extra Button: Rogers Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo!)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/...oUploader5.cab (Facebook Photo Uploader 5)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub...irector/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?LinkID=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.srtest.com/srl_bin/sysreqlab3.cab (System Requirements Lab Class)
    O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/get...irector/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll (Installation Support)
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmart.com/WalmartActivia.cab (Snapfish Activia)
    O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} http://aol.powerchallenge.com/applet/PowerLoader.cab (PowerLoader Class)
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab (MSN Photo Upload Tool)
    O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebook.com/controls/...oUploader3.cab (Facebook Photo Uploader 4 Control)
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/EN-US/.../GAME_UNO1.cab (UnoCtrl Class)
    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebook.com/controls/...toUploader.cab (Facebook Photo Uploader Control)
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.systemrequirementslab.com/sysreqlab2.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_13)
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary...t.cab31267.cab (MessengerStatsClient Class)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} http://cdn1.acclaimdownloads.com/solidstateion.cab (CSolidBrowserObj Object)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary...t.cab56907.cab (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_13)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_13)
    O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} http://gamedownload.ijjimax.com/game...Plugin9USA.cab (HGPlugin9USA Class)
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} https://www-secure.symantec.com/tech...l/SymAData.cab (Reg Error: Key error.)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://download.macromedia.com/pub/...sh/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} http://walmart.pnimedia.com/upload/a...pv2.0.0.9.cab? (Photo Upload Plugin Class)
    O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} http://walmart.pnimedia.com/upload/a...v2.0.0.10.cab? (Photo Upload Plugin Class)
    O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Pure Networks, Inc.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\isabella\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\isabella\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2005/02/23 15:39:12 | 000,000,398 | ---- | M] () - C:\AUTOEXEC.UP -- [ NTFS ]
    O34 - HKLM BootExecute: (PDBoot.exe) - C:\WINDOWS\System32\PDBoot.exe (Raxco Software, Inc.)
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/04/20 21:16:59 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2011/04/20 20:19:53 | 000,000,000 | ---D | C] -- C:\_OTL
    [2011/04/20 16:57:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\isabella\Application Data\Malwarebytes
    [2011/04/20 16:57:23 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011/04/20 16:57:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011/04/20 16:57:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011/04/20 16:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/04/19 20:29:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\isabella\Local Settings\Application Data\PCHealth
    [2011/04/19 19:29:54 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\isabella\IECompatCache
    [2011/04/18 19:25:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\AdobeUM
    [2011/04/18 19:25:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
    [2011/04/18 19:24:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
    [2011/04/17 22:45:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2011/04/17 22:44:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
    [2011/04/17 22:44:42 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
    [2011/04/16 22:44:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
    [2011/04/16 22:43:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    [2011/04/15 22:00:01 | 000,000,000 | ---D | C] -- C:\Rogers Online Protection
    [2011/04/15 21:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\isabella\Application Data\QuickScan
    [2011/04/13 05:43:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
    [2011/04/13 05:43:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
    [2011/04/12 21:39:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
    [2011/04/12 21:39:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
    [2007/08/24 20:12:17 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
    [2005/08/31 19:56:14 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
    [1 C:\Documents and Settings\isabella\My Documents\*.tmp files -> C:\Documents and Settings\isabella\My Documents\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/04/21 19:15:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/04/21 19:11:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/04/21 19:10:57 | 2682,408,960 | -HS- | M] () -- C:\hiberfil.sys
    [2011/04/20 21:13:29 | 000,000,494 | ---- | M] () -- C:\WINDOWS\dellstat.ini
    [2011/04/20 20:20:05 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
    [2011/04/20 20:13:44 | 000,157,696 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\ERUNT.EXE
    [2011/04/20 20:13:44 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\AUTOBACK.EXE
    [2011/04/20 20:13:40 | 000,163,328 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\ERDNT.E_E
    [2011/04/20 20:13:40 | 000,140,288 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\NTREGOPT.EXE
    [2011/04/20 20:13:40 | 000,005,417 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\LOC_GER.ZIP
    [2011/04/20 20:13:40 | 000,004,090 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\ERUNT.LOC
    [2011/04/20 20:13:40 | 000,003,275 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\ERDNTWIN.LOC
    [2011/04/20 20:13:40 | 000,002,815 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\ERDNTDOS.LOC
    [2011/04/20 20:13:40 | 000,001,960 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\NTREGOPT.LOC
    [2011/04/20 20:13:13 | 000,000,586 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\Shortcut to erunt.lnk
    [2011/04/20 16:57:24 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/04/20 16:28:11 | 000,135,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011/04/19 22:59:39 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2011/04/19 22:54:49 | 000,442,894 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011/04/19 22:54:49 | 000,072,160 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2011/04/19 21:08:40 | 000,002,307 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\Microsoft Word.lnk
    [2011/04/19 20:36:50 | 001,377,112 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\isabella\Desktop\TDSSKiller.exe
    [2011/04/17 22:56:28 | 000,001,558 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\Attach.zip
    [2011/04/17 22:44:44 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\ERUNT.lnk
    [2011/04/17 22:43:28 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\Shortcut to erunt-setup.lnk
    [2011/04/16 22:44:32 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\isabella\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2011/04/16 22:44:32 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\Spybot - Search & Destroy.lnk
    [2011/04/15 17:17:39 | 000,002,397 | ---- | M] () -- C:\Documents and Settings\isabella\Desktop\Network Magic.lnk
    [2011/03/23 23:31:50 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\isabella\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2011/03/23 23:31:50 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2011/03/23 12:00:00 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\Schedule Task Weekly.job
    [1 C:\Documents and Settings\isabella\My Documents\*.tmp files -> C:\Documents and Settings\isabella\My Documents\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/04/20 20:13:13 | 000,000,586 | ---- | C] () -- C:\Documents and Settings\isabella\Desktop\Shortcut to erunt.lnk
    [2011/04/20 16:57:24 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/04/17 22:56:28 | 000,001,558 | ---- | C] () -- C:\Documents and Settings\isabella\Desktop\Attach.zip
    [2011/04/17 22:44:44 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\isabella\Desktop\ERUNT.lnk
    [2011/04/17 22:43:28 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\isabella\Desktop\Shortcut to erunt-setup.lnk
    [2011/04/17 21:38:12 | 2682,408,960 | -HS- | C] () -- C:\hiberfil.sys
    [2011/04/16 22:44:32 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\isabella\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2011/04/16 22:44:32 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\isabella\Desktop\Spybot - Search & Destroy.lnk
    [2011/03/23 23:31:50 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
    [2011/03/23 23:31:50 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2010/07/31 06:23:09 | 002,205,064 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\shs_setup_4059-354328.exe
    [2009/11/08 14:02:05 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2009/10/21 15:20:08 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen_x86.sys
    [2009/06/03 19:04:27 | 001,900,184 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\shs_setup_4056-345359.exe
    [2009/04/30 18:55:13 | 063,850,784 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
    [2009/04/30 18:55:13 | 004,957,984 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
    [2009/03/22 20:42:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
    [2008/11/21 17:44:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
    [2008/08/10 15:21:58 | 000,000,048 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
    [2008/07/25 17:36:31 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\SHSupdates.xml
    [2008/07/08 15:53:47 | 000,099,965 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
    [2008/06/03 21:05:12 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\isabella\Local Settings\Application Data\fusioncache.dat
    [2008/05/22 16:22:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ppsrc.ini
    [2008/04/03 17:09:40 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\isabella\Application Data\FrontEndCD.ini
    [2008/03/21 16:30:08 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2007/11/30 10:36:35 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
    [2007/10/17 11:17:52 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
    [2007/09/08 17:17:06 | 000,000,013 | ---- | C] () -- C:\WINDOWS\msgtn.ini
    [2007/04/08 22:17:32 | 000,000,052 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
    [2006/09/02 22:11:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
    [2006/09/02 21:16:13 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
    [2006/09/02 21:16:12 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
    [2006/09/02 21:16:12 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
    [2006/09/02 21:16:12 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
    [2006/09/02 21:16:12 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
    [2006/09/02 21:16:12 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
    [2006/09/02 21:16:12 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
    [2006/09/02 21:16:12 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
    [2006/09/02 21:16:12 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
    [2006/09/02 21:16:12 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
    [2006/09/02 21:16:12 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
    [2006/09/02 21:16:12 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
    [2006/09/02 21:16:12 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
    [2006/09/02 21:16:12 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
    [2006/09/02 21:16:12 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
    [2006/09/02 21:16:12 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
    [2006/09/02 21:16:12 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
    [2006/09/02 21:16:12 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
    [2006/09/02 21:16:12 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
    [2006/07/14 15:35:46 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\WBCustomizer.dll
    [2006/06/29 18:19:26 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\id3vx_ocx.dll
    [2006/03/04 17:56:27 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
    [2006/03/04 17:51:51 | 000,000,706 | ---- | C] () -- C:\WINDOWS\EReg220.dat
    [2005/12/31 15:19:08 | 001,097,728 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
    [2005/12/31 15:13:14 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
    [2005/12/26 22:47:27 | 000,001,521 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
    [2005/11/17 16:58:27 | 000,000,627 | ---- | C] () -- C:\WINDOWS\eReg.dat
    [2005/11/16 18:45:12 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
    [2005/11/05 19:34:50 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\Lame.exe
    [2005/10/07 19:07:57 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\isabella\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2005/10/03 22:04:06 | 000,002,930 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
    [2005/09/25 17:47:51 | 000,004,376 | ---- | C] () -- C:\WINDOWS\mozver.dat
    [2005/09/25 17:45:25 | 000,000,494 | ---- | C] () -- C:\WINDOWS\dellstat.ini
    [2005/09/25 10:54:15 | 000,000,368 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
    [2005/09/10 11:30:45 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2005/09/10 11:07:21 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2005/08/31 20:30:29 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2005/08/31 20:20:33 | 000,000,818 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2005/08/31 20:14:44 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2005/08/31 19:56:30 | 000,000,017 | ---- | C] () -- C:\WINDOWS\System32\drivers\DVEMODEM.DAT
    [2005/08/31 19:56:18 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
    [2005/08/31 19:56:14 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
    [2005/08/31 19:56:14 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
    [2005/08/31 19:56:06 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
    [2005/08/31 19:55:56 | 000,000,375 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2005/08/31 12:43:32 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
    [2005/01/28 09:08:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
    [2004/08/10 14:12:05 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2004/08/10 14:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2004/08/10 14:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2004/08/10 14:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2004/08/10 13:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2004/08/10 13:57:15 | 000,135,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2004/08/10 13:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2004/08/10 13:51:20 | 000,442,894 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2004/08/10 13:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2004/08/10 13:51:20 | 000,072,160 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2004/08/10 13:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2004/08/10 13:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2004/08/10 13:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2004/08/10 13:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2004/08/10 13:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2004/08/10 13:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2004/08/10 13:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2004/08/10 13:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2004/02/10 16:08:00 | 000,000,373 | ---- | C] () -- C:\WINDOWS\System32\dlbccoin.ini
    [2003/05/07 02:11:58 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
    [2002/11/13 16:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbcvs.dll
    [2002/06/06 01:01:58 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\asutl8.dll
    [2002/01/14 22:36:28 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\MP2enc.dll
    [2001/10/24 17:00:40 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
    [1999/01/22 14:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

    ========== LOP Check ==========

    [2010/11/19 17:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALICIA\Application Data\advantage
    [2009/03/22 18:46:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALICIA\Application Data\PPStream
    [2010/11/12 23:33:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALICIA\Application Data\Rogers Online Protection
    [2005/08/31 20:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
    [2008/02/23 21:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eboostr
    [2007/06/03 19:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
    [2005/11/16 19:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NFS Underground Demo
    [2007/09/22 14:04:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Outspark
    [2007/01/05 21:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pixelStorm
    [2010/11/12 22:31:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
    [2010/11/12 23:33:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rogers Online Protection
    [2009/05/09 18:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
    [2009/04/17 21:17:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TDK
    [2008/05/09 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania
    [2007/09/15 19:11:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2009/12/26 22:36:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2009/04/11 00:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damien Lis\Application Data\Anvil Studio
    [2009/06/28 13:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damien Lis\Application Data\gtk-2.0
    [2009/07/18 09:47:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damien Lis\Application Data\LimeWire
    [2009/03/21 09:28:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damien Lis\Application Data\PPStream
    [2010/11/12 23:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damien Lis\Application Data\Rogers Online Protection
    [2009/03/22 18:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damien Lis\Application Data\SystemRequirementsLab
    [2009/04/26 20:38:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damien Lis\Application Data\uTorrent
    [2007/05/09 21:57:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\Gadu-Gadu
    [2005/09/29 18:38:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\Leadertech
    [2009/12/28 15:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\LimeWire
    [2010/08/24 23:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\MSNInstaller
    [2005/10/22 22:41:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\Musicmatch
    [2006/09/02 21:22:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\Panasonic
    [2009/08/03 22:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\PPStream
    [2011/04/15 21:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\QuickScan
    [2010/11/12 23:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\Rogers Online Protection
    [2007/02/19 20:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\Snapfish
    [2009/03/10 18:25:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\SystemRequirementsLab
    [2011/03/05 16:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\isabella\Application Data\Unity
    [2005/09/10 14:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ROBERT\Application Data\Leadertech
    [2005/10/04 17:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ROBERT\Application Data\MSNInstaller
    [2011/03/23 12:00:00 | 000,000,400 | ---- | M] () -- C:\WINDOWS\Tasks\Schedule Task Weekly.job

    ========== Purity Check ==========



    < End of report >
