Thread: Unable to remove Click.GiftLoad please help!

  1. #11
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Hi,

    You have ASK Toolbar installed; read this and see if you can uninstall it via Add/Remove Programs in the Control Panel.

    * It promotes its toolbars on sites targeted at kids.
    * It promotes its toolbars through ads that appear to be part of other companies' sites.
    * It promotes its toolbars through other companies' spyware.
    * It is installed without any disclosure whatsoever and without any consent from the user whatsoever.
    * It solicits installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link.
    * It makes confusing changes to users' browsers - increasing Ask's revenues while taking users to pages they didn't intend to visit.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  2. #12
    Junior Member
    Join Date
    Sep 2007
    Posts
    21

    Hi ken545, I went to Add and Remove Programs and the Ask toolbar is not listed there. I also checked in my browser's (Firefox) add-ons and extensions and it's not listed there either. I was, however, able to remove it from the list of search engines used by my browser; not sure if that is what you meant.

  3. #13
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    That's fine, why don't you run a NEW scan with OTL and post the log and we can remove any trace of it.

  4. #14
    Junior Member
    Join Date
    Sep 2007
    Posts
    21

    Here you go.


    OTL logfile created on: 5/11/2011 6:54:18 PM - Run 3
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Admin\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1,022.00 Mb Total Physical Memory | 428.00 Mb Available Physical Memory | 42.00% Memory free
    2.00 Gb Paging File | 2.00 Gb Available in Paging File | 82.00% Paging File free
    Paging file location(s): C:\pagefile.sys 0 0 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 70.98 Gb Total Space | 38.78 Gb Free Space | 54.63% Space Free | Partition Type: NTFS

    Computer Name: PC10 | User Name: Admin | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\Admin\desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgemcx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe ()
    PRC - C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\Macrium\Reflect\ReflectService.exe ()
    PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


    ========== Modules (SafeList) ==========

    MOD - C:\Documents and Settings\Admin\desktop\OTL.exe (OldTimer Tools)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (AppMgmt) -- File not found
    SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
    SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe ()
    SRV - (avgwd) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    SRV - (ReflectService) -- C:\Program Files\Macrium\Reflect\ReflectService.exe ()
    SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
    SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
    SRV - (p2pgasvc) -- C:\WINDOWS\system32\p2pgasvc.dll (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
    DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
    DRV - (Avgrkx86) -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (AVGIDSEH) -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
    DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
    DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
    DRV - (pssnap) -- C:\WINDOWS\system32\DRIVERS\pssnap.sys (Macrium Software)
    DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
    DRV - (BANTExt) -- C:\WINDOWS\System32\Drivers\BANTExt.sys ()
    DRV - (PnkBstrK) -- C:\WINDOWS\system32\drivers\PnkBstrK.sys ()
    DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
    DRV - (sfng32) -- C:\WINDOWS\system32\drivers\sfng32.sys (Sonic Focus, Inc)
    DRV - (HPFXBULK) -- C:\WINDOWS\system32\drivers\hpfxbulk.sys (Hewlett Packard)
    DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
    DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
    DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
    DRV - (omci) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Computer Corporation)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========



    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
    IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
    IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-3339496350-2990601397-2661011218-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    IE - HKU\S-1-5-21-3339496350-2990601397-2661011218-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
    IE - HKU\S-1-5-21-3339496350-2990601397-2661011218-1010\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
    FF - prefs.js..browser.search.selectedEngine: "Ask.com"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.bing.com/?FORM=MFEHPG&PUBL=Google&CREA=userid1743go51d367c64cb6b50c6d8b0b7fe5f35618"
    FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
    FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1374
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
    FF - prefs.js..network.proxy.type: 0

    FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011/04/29 10:48:56 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/05/10 19:39:18 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/29 13:55:27 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/29 13:55:27 | 000,000,000 | ---D | M]

    [2010/04/01 11:15:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Extensions
    [2010/04/01 11:15:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2011/05/11 18:30:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\2mjad9zz.default\extensions
    [2010/05/09 18:21:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\2mjad9zz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/03/12 15:54:35 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\2mjad9zz.default\extensions\personas@christopher.beard
    [2011/05/11 18:30:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2010/06/25 11:34:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/09/10 13:14:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2011/04/29 13:37:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
    [2011/05/10 19:39:18 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
    [2011/04/29 10:48:56 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="6.103.018.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG10\TOOLBAR\FIREFOX\AVG@IGEARED
    [2010/03/04 20:45:04 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
    [2011/04/14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

    O1 HOSTS File: ([2011/04/29 01:15:34 | 000,433,204 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: 127.0.0.1 www.007guard.com
    O1 - Hosts: 127.0.0.1 007guard.com
    O1 - Hosts: 127.0.0.1 008i.com
    O1 - Hosts: 127.0.0.1 www.008k.com
    O1 - Hosts: 127.0.0.1 008k.com
    O1 - Hosts: 127.0.0.1 www.00hq.com
    O1 - Hosts: 127.0.0.1 00hq.com
    O1 - Hosts: 127.0.0.1 010402.com
    O1 - Hosts: 127.0.0.1 www.032439.com
    O1 - Hosts: 127.0.0.1 032439.com
    O1 - Hosts: 127.0.0.1 www.0scan.com
    O1 - Hosts: 127.0.0.1 0scan.com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 www.1001namen.com
    O1 - Hosts: 127.0.0.1 100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100sexlinks.com
    O1 - Hosts: 127.0.0.1 100sexlinks.com
    O1 - Hosts: 127.0.0.1 10sek.com
    O1 - Hosts: 127.0.0.1 www.10sek.com
    O1 - Hosts: 127.0.0.1 www.1-2005-search.com
    O1 - Hosts: 127.0.0.1 1-2005-search.com
    O1 - Hosts: 14911 more lines...
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
    O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
    O3 - HKU\S-1-5-21-3339496350-2990601397-2661011218-1010\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
    O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
    O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - Startup: C:\Documents and Settings\Admin\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-3339496350-2990601397-2661011218-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/ca...2.3.10.115.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_25)
    O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_25)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_25)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01...l/MSNPUpld.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 205.152.144.23 205.152.132.23
    O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
    O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O22 - SharedTaskScheduler: bestreak - {874443fe-aa33-4ebf-a6ac-73208787e62d} - Reg Error: Key error. File not found
    O24 - Desktop WallPaper: C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Desktop Background.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Desktop Background.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{12a91d30-2fa0-11df-84f9-00123f938363}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{12a91d30-2fa0-11df-84f9-00123f938363}\Shell\AutoRun\command - "" = E:\autorun.exe
    O33 - MountPoints2\{12a91d30-2fa0-11df-84f9-00123f938363}\Shell\phone\command - "" = E:\autorun.exe
    O33 - MountPoints2\{12a91d31-2fa0-11df-84f9-00123f938363}\Shell\AutoRun\command - "" = F:\magicJack\autorun.exe
    O33 - MountPoints2\{12a91d31-2fa0-11df-84f9-00123f938363}\Shell\phone\command - "" = F:\magicJack\autorun.exe
    O33 - MountPoints2\{8c0f5d49-298b-11e0-869b-00123f938363}\Shell - "" = AutoRun
    O33 - MountPoints2\{8c0f5d49-298b-11e0-869b-00123f938363}\Shell\Auto\command - "" = E:\boot.exe
    O33 - MountPoints2\{8c0f5d49-298b-11e0-869b-00123f938363}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{8c0f5d49-298b-11e0-869b-00123f938363}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL boot.exe
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O35 - HKU\S-1-5-21-3339496350-2990601397-2661011218-1010..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKU\S-1-5-21-3339496350-2990601397-2661011218-1010\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/05/11 14:23:23 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTL.exe
    [2011/05/11 13:53:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Malwarebytes
    [2011/05/11 13:53:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011/05/11 13:53:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/05/11 13:53:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011/05/11 13:53:36 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011/05/11 13:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/05/11 10:41:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\tdsskiller
    [2011/05/10 20:50:05 | 000,589,632 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Admin\Desktop\aswMBR.exe
    [2011/05/10 19:36:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
    [2011/05/04 23:29:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2011/05/04 23:28:21 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
    [2011/05/04 23:28:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
    [2011/05/01 14:21:34 | 001,407,280 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Admin\Desktop\TDSSKiller.exe
    [2011/04/29 14:04:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
    [2011/04/29 14:04:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
    [2011/04/29 14:04:39 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
    [2011/04/29 13:55:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
    [2011/04/29 13:54:22 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2011/04/29 13:54:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2011/04/29 13:37:24 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
    [2011/04/29 13:37:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
    [2011/04/29 13:37:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
    [2011/04/27 21:17:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Real
    [2011/04/22 01:09:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
    [2011/04/22 01:08:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
    [2011/04/21 01:16:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
    [2011/04/20 16:57:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft
    [2011/04/20 16:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft
    [2011/04/20 16:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\WowEquip
    [2011/04/20 16:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft Public Test
    [2011/04/20 16:54:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
    [2011/04/20 16:53:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
    [2011/04/19 20:31:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
    [2011/04/19 20:31:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
    [2011/04/19 17:57:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\BitTorrent
    [2011/04/19 16:15:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\My Documents\My Games
    [2011/04/19 16:07:04 | 000,000,000 | ---D | C] -- C:\Program Files\THQ
    [2011/04/18 23:01:37 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft(2)
    [2011/04/18 01:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\private
    [2011/04/17 17:36:55 | 000,000,000 | ---D | C] -- C:\$AVG
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/05/11 18:29:15 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\prvlcl.dat
    [2011/05/11 14:23:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTL.exe
    [2011/05/11 13:53:42 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/11 13:46:23 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
    [2011/05/11 13:46:20 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/05/11 10:58:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/05/11 10:58:46 | 1071,796,224 | -HS- | M] () -- C:\hiberfil.sys
    [2011/05/11 10:41:10 | 001,407,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Admin\Desktop\TDSSKiller.exe
    [2011/05/11 10:39:16 | 001,280,815 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\tdsskiller.zip
    [2011/05/11 10:31:15 | 114,769,675 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
    [2011/05/11 04:48:16 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\MBR.dat
    [2011/05/10 20:50:24 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Admin\Desktop\aswMBR.exe
    [2011/05/10 20:49:24 | 000,000,133 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Regfix.reg
    [2011/05/10 19:39:57 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
    [2011/05/10 19:36:51 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
    [2011/05/10 19:36:51 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    [2011/05/05 22:48:51 | 000,000,891 | ---- | M] () -- C:\WINDOWS\orun32.ini
    [2011/05/04 23:53:46 | 000,003,157 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Attach.zip
    [2011/04/29 13:55:05 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2011/04/29 11:15:14 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/04/29 01:15:34 | 000,433,204 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2011/04/28 23:27:59 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/04/28 19:15:09 | 000,442,774 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011/04/28 19:15:09 | 000,071,848 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2011/04/27 22:39:03 | 000,015,206 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\6s7j3n5y784145qp541bq567xiv72586o528c6
    [2011/04/27 22:39:03 | 000,015,206 | -HS- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\6s7j3n5y784145qp541bq567xiv72586o528c6
    [2011/04/20 20:08:24 | 000,003,739 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2011/04/20 17:03:10 | 000,341,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011/04/16 15:53:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2011/04/14 21:28:42 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\System32\drivers\AVGIDSDriver.sys
    [2011/04/14 05:08:11 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
    [2011/04/14 05:08:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
    [2011/04/14 05:08:09 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
    [2011/04/14 05:07:59 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
    [2011/04/14 02:40:22 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
    [2011/04/13 11:33:03 | 006,698,880 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Seether - Pig.mp3
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/05/11 13:53:42 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/11 10:39:00 | 001,280,815 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\tdsskiller.zip
    [2011/05/10 20:51:30 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\MBR.dat
    [2011/05/10 20:49:24 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Regfix.reg
    [2011/05/04 23:53:00 | 000,003,157 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Attach.zip
    [2011/04/29 14:04:41 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    [2011/04/29 14:04:40 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
    [2011/04/29 13:55:04 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2011/04/27 22:36:59 | 000,015,206 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\6s7j3n5y784145qp541bq567xiv72586o528c6
    [2011/04/27 22:36:59 | 000,015,206 | -HS- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\6s7j3n5y784145qp541bq567xiv72586o528c6
    [2011/04/20 01:02:20 | 1071,796,224 | -HS- | C] () -- C:\hiberfil.sys
    [2010/12/14 04:03:41 | 001,359,176 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2010/07/20 12:48:24 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
    [2010/05/26 08:43:07 | 000,000,228 | ---- | C] () -- C:\WINDOWS\dellstat.ini
    [2010/05/10 19:27:10 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\PFP120JPR.{PB
    [2010/05/10 19:27:10 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\PFP120JCM.{PB
    [2010/04/06 14:17:17 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/03/30 15:01:15 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\PFP110JPR.{PB
    [2010/03/30 15:01:15 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\PFP110JCM.{PB
    [2010/03/22 19:32:41 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/02/24 01:40:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\prvlcl.dat
    [2010/02/20 23:49:40 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2009/12/23 03:00:20 | 398,762,585 | ---- | C] () -- C:\Program Files\mountandblade_1003_setup.exe
    [2009/11/29 22:34:11 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
    [2009/11/29 22:34:11 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
    [2009/11/29 22:34:10 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
    [2009/11/29 22:32:06 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
    [2009/11/22 17:47:55 | 000,000,258 | ---- | C] () -- C:\WINDOWS\System32\BDEMERGE.INI
    [2009/11/22 12:29:45 | 000,000,318 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
    [2009/11/22 12:29:20 | 000,001,100 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
    [2009/11/22 12:29:08 | 000,237,568 | R--- | C] () -- C:\WINDOWS\System32\hppapr02.DLL
    [2009/11/22 12:29:08 | 000,000,526 | R--- | C] () -- C:\WINDOWS\System32\hppapr02.DAT
    [2008/02/09 23:37:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
    [2007/08/13 22:48:26 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
    [2007/07/12 17:55:26 | 000,022,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
    [2007/07/02 18:05:35 | 000,099,904 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
    [2007/07/02 18:05:23 | 000,063,040 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
    [2007/06/04 18:40:15 | 000,000,347 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
    [2007/02/16 17:16:36 | 000,000,653 | ---- | C] () -- C:\WINDOWS\{0240BDFB-2995-4A3F-8C96-18D41282B716}_WiseFW.ini
    [2006/09/05 15:09:00 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
    [2006/09/03 16:32:06 | 000,002,301 | ---- | C] () -- C:\WINDOWS\mozver.dat
    [2006/08/20 21:03:31 | 000,004,001 | ---- | C] () -- C:\WINDOWS\hpdj3840.ini
    [2006/05/13 15:56:31 | 000,001,682 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
    [2006/05/13 15:56:31 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\1B4F1933F5.sys
    [2006/04/05 00:06:20 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
    [2006/02/13 23:05:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
    [2006/02/13 23:05:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
    [2006/02/13 23:05:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
    [2006/02/13 23:05:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
    [2006/02/13 23:05:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
    [2006/02/13 23:05:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
    [2006/02/13 23:05:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
    [2006/02/13 23:05:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
    [2006/02/13 23:05:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
    [2006/02/13 23:05:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
    [2005/08/10 08:17:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2005/08/10 08:07:03 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2005/08/10 08:04:00 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2005/08/10 07:38:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
    [2005/08/10 07:38:16 | 000,000,375 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2005/01/28 09:08:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
    [2004/08/10 14:12:05 | 000,000,891 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2004/08/10 14:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2004/08/10 14:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2004/08/10 14:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2004/08/10 13:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2004/08/10 13:57:15 | 000,341,032 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2004/08/10 13:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2004/08/10 13:51:20 | 000,442,774 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2004/08/10 13:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2004/08/10 13:51:20 | 000,071,848 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2004/08/10 13:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2004/08/10 13:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2004/08/10 13:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2004/08/10 13:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2004/08/10 13:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2004/08/10 13:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2004/08/10 13:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2004/08/10 13:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2004/02/10 16:08:00 | 000,000,373 | ---- | C] () -- C:\WINDOWS\System32\dlbccoin.ini
    [2002/11/13 16:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbcvs.dll
    [2001/07/06 17:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
    [1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

    ========== LOP Check ==========

    [2011/03/01 04:59:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\AVG10
    [2011/04/20 16:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\BitTorrent
    [2010/04/09 13:45:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2010/07/20 18:25:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\desksware
    [2011/03/02 16:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\GlarySoft
    [2010/03/14 15:36:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\mjusbsp
    [2011/03/22 22:24:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mount&Blade
    [2010/07/12 22:47:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mount&Blade Warband
    [2010/10/17 17:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Petroglyph
    [2010/08/13 04:19:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Recruitment Viewer
    [2010/12/19 21:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\runic games
    [2011/03/01 13:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
    [2011/03/07 04:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
    [2006/11/01 00:09:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
    [2011/02/28 22:10:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
    [2011/03/24 21:03:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrium
    [2011/04/29 10:51:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
    [2009/09/29 21:57:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
    [2011/03/24 21:26:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/07/20 13:04:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2011/03/26 14:17:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\AVG10
    [2011/04/28 23:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\AVG10
    [2011/03/02 09:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\U211\Application Data\AVG10
    [2010/07/24 02:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\U211\Application Data\Petroglyph
    [2010/06/12 12:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\U211\Application Data\Search Settings
    [2010/06/12 12:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\U211\Application Data\YouTube Downloader
    [2011/05/11 13:46:23 | 000,000,312 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

    < End of report >

  5. #15
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Open OTL.exe
    • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

      Code:
      :processes
      killallprocesses
      
      :OTL
      FF - prefs.js..browser.search.defaultengine: "Ask.com"
      FF - prefs.js..browser.search.defaultenginename: "Ask.com"
      FF - prefs.js..browser.search.order.1: "Ask.com"
      FF - prefs.js..browser.search.selectedEngine: "Ask.com"
      @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
      
      
      :Services
      
      :Reg
      
      :Files
      ipconfig /release /c
      ipconfig /renew /c
      ipconfig /flushdns /c
      
      
      
      
      
      :Commands
      [purity]
      [resethosts]
      [emptytemp]
      [start explorer]
      [Reboot]
    • Then click the Run Fix button at the top (not Run Scan).
    • Let the program run unhindered, and reboot when it is done.
    • Then post the results of the log it produces.
    • Then run a new scan and post a new OTL log (don't check the boxes beside LOP Check or Purity this time).

  6. #16
    Junior Member
    Join Date
    Sep 2007
    Posts
    21

    Default

    OK, here is the result after reboot:


    Files\Folders moved on Reboot...
    C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

    Registry entries deleted on Reboot...


    Here is the new OTL log


    OTL logfile created on: 5/11/2011 7:22:51 PM - Run 4
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Admin\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1,022.00 Mb Total Physical Memory | 462.00 Mb Available Physical Memory | 45.00% Memory free
    2.00 Gb Paging File | 2.00 Gb Available in Paging File | 82.00% Paging File free
    Paging file location(s): C:\pagefile.sys 0 0 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 70.98 Gb Total Space | 38.83 Gb Free Space | 54.71% Space Free | Partition Type: NTFS

    Computer Name: PC10 | User Name: Admin | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\Admin\desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgemcx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe ()
    PRC - C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\Macrium\Reflect\ReflectService.exe ()
    PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


    ========== Modules (SafeList) ==========

    MOD - C:\Documents and Settings\Admin\desktop\OTL.exe (OldTimer Tools)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (AppMgmt) -- File not found
    SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
    SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe ()
    SRV - (avgwd) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    SRV - (ReflectService) -- C:\Program Files\Macrium\Reflect\ReflectService.exe ()
    SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
    SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
    SRV - (p2pgasvc) -- C:\WINDOWS\system32\p2pgasvc.dll (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
    DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
    DRV - (Avgrkx86) -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (AVGIDSEH) -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
    DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
    DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
    DRV - (pssnap) -- C:\WINDOWS\system32\DRIVERS\pssnap.sys (Macrium Software)
    DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
    DRV - (BANTExt) -- C:\WINDOWS\System32\Drivers\BANTExt.sys ()
    DRV - (PnkBstrK) -- C:\WINDOWS\system32\drivers\PnkBstrK.sys ()
    DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
    DRV - (sfng32) -- C:\WINDOWS\system32\drivers\sfng32.sys (Sonic Focus, Inc)
    DRV - (HPFXBULK) -- C:\WINDOWS\system32\drivers\hpfxbulk.sys (Hewlett Packard)
    DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
    DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
    DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
    DRV - (omci) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Computer Corporation)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========



    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
    IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
    IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-3339496350-2990601397-2661011218-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    IE - HKU\S-1-5-21-3339496350-2990601397-2661011218-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
    IE - HKU\S-1-5-21-3339496350-2990601397-2661011218-1010\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: ""
    FF - prefs.js..browser.search.defaultenginename: ""
    FF - prefs.js..browser.search.order.1: ""
    FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
    FF - prefs.js..browser.search.selectedEngine: ""
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.bing.com/?FORM=MFEHPG&PUBL=Google&CREA=userid1743go51d367c64cb6b50c6d8b0b7fe5f35618"
    FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
    FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1374
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
    FF - prefs.js..network.proxy.type: 0

    FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011/04/29 10:48:56 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/05/10 19:39:18 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/29 13:55:27 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/29 13:55:27 | 000,000,000 | ---D | M]

    [2010/04/01 11:15:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Extensions
    [2010/04/01 11:15:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2011/05/11 18:30:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\2mjad9zz.default\extensions
    [2010/05/09 18:21:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\2mjad9zz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/03/12 15:54:35 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\2mjad9zz.default\extensions\personas@christopher.beard
    [2011/05/11 18:30:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2010/06/25 11:34:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/09/10 13:14:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2011/04/29 13:37:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
    [2011/05/10 19:39:18 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
    [2011/04/29 10:48:56 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="6.103.018.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG10\TOOLBAR\FIREFOX\AVG@IGEARED
    [2010/03/04 20:45:04 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
    [2011/04/14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

    Hosts file not found
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
    O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
    O3 - HKU\S-1-5-21-3339496350-2990601397-2661011218-1010\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
    O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
    O4 - Startup: C:\Documents and Settings\Admin\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-3339496350-2990601397-2661011218-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/ca...2.3.10.115.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_25)
    O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_25)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_25)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01...l/MSNPUpld.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 205.152.144.23 205.152.132.23
    O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
    O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O22 - SharedTaskScheduler: bestreak - {874443fe-aa33-4ebf-a6ac-73208787e62d} - Reg Error: Key error. File not found
    O24 - Desktop WallPaper: C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Desktop Background.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Desktop Background.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{12a91d30-2fa0-11df-84f9-00123f938363}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{12a91d30-2fa0-11df-84f9-00123f938363}\Shell\AutoRun\command - "" = E:\autorun.exe
    O33 - MountPoints2\{12a91d30-2fa0-11df-84f9-00123f938363}\Shell\phone\command - "" = E:\autorun.exe
    O33 - MountPoints2\{12a91d31-2fa0-11df-84f9-00123f938363}\Shell\AutoRun\command - "" = F:\magicJack\autorun.exe
    O33 - MountPoints2\{12a91d31-2fa0-11df-84f9-00123f938363}\Shell\phone\command - "" = F:\magicJack\autorun.exe
    O33 - MountPoints2\{8c0f5d49-298b-11e0-869b-00123f938363}\Shell - "" = AutoRun
    O33 - MountPoints2\{8c0f5d49-298b-11e0-869b-00123f938363}\Shell\Auto\command - "" = E:\boot.exe
    O33 - MountPoints2\{8c0f5d49-298b-11e0-869b-00123f938363}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{8c0f5d49-298b-11e0-869b-00123f938363}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL boot.exe
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O35 - HKU\S-1-5-21-3339496350-2990601397-2661011218-1010..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKU\S-1-5-21-3339496350-2990601397-2661011218-1010\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/05/11 19:06:01 | 000,000,000 | ---D | C] -- C:\_OTL
    [2011/05/11 14:23:23 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTL.exe
    [2011/05/11 13:53:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Malwarebytes
    [2011/05/11 13:53:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011/05/11 13:53:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/05/11 13:53:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011/05/11 13:53:36 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011/05/11 13:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/05/11 10:41:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\tdsskiller
    [2011/05/10 20:50:05 | 000,589,632 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Admin\Desktop\aswMBR.exe
    [2011/05/10 19:36:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
    [2011/05/04 23:29:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2011/05/04 23:28:21 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
    [2011/05/04 23:28:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
    [2011/05/01 14:21:34 | 001,407,280 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Admin\Desktop\TDSSKiller.exe
    [2011/04/29 14:04:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
    [2011/04/29 14:04:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
    [2011/04/29 14:04:39 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
    [2011/04/29 13:55:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
    [2011/04/29 13:54:22 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2011/04/29 13:54:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2011/04/29 13:37:24 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
    [2011/04/29 13:37:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
    [2011/04/29 13:37:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
    [2011/04/27 21:17:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Real
    [2011/04/22 01:09:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
    [2011/04/22 01:08:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
    [2011/04/21 01:16:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
    [2011/04/20 16:57:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft
    [2011/04/20 16:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft
    [2011/04/20 16:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\WowEquip
    [2011/04/20 16:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft Public Test
    [2011/04/20 16:54:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
    [2011/04/20 16:53:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
    [2011/04/19 20:31:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
    [2011/04/19 20:31:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
    [2011/04/19 17:57:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\BitTorrent
    [2011/04/19 16:15:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\My Documents\My Games
    [2011/04/19 16:07:04 | 000,000,000 | ---D | C] -- C:\Program Files\THQ
    [2011/04/18 23:01:37 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft(2)
    [2011/04/18 01:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\private
    [2011/04/17 17:36:55 | 000,000,000 | ---D | C] -- C:\$AVG
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/05/11 19:20:51 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/05/11 19:20:45 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
    [2011/05/11 19:19:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/05/11 19:19:43 | 1071,796,224 | -HS- | M] () -- C:\hiberfil.sys
    [2011/05/11 18:29:15 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\prvlcl.dat
    [2011/05/11 14:23:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTL.exe
    [2011/05/11 13:53:42 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/11 10:41:10 | 001,407,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Admin\Desktop\TDSSKiller.exe
    [2011/05/11 10:39:16 | 001,280,815 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\tdsskiller.zip
    [2011/05/11 10:31:15 | 114,769,675 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
    [2011/05/11 04:48:16 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\MBR.dat
    [2011/05/10 20:50:24 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Admin\Desktop\aswMBR.exe
    [2011/05/10 20:49:24 | 000,000,133 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Regfix.reg
    [2011/05/10 19:39:57 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
    [2011/05/10 19:36:51 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
    [2011/05/10 19:36:51 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    [2011/05/05 22:48:51 | 000,000,891 | ---- | M] () -- C:\WINDOWS\orun32.ini
    [2011/05/04 23:53:46 | 000,003,157 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Attach.zip
    [2011/04/29 13:55:05 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2011/04/29 11:15:14 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/04/28 23:27:59 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/04/28 19:15:09 | 000,442,774 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011/04/28 19:15:09 | 000,071,848 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2011/04/27 22:39:03 | 000,015,206 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\6s7j3n5y784145qp541bq567xiv72586o528c6
    [2011/04/27 22:39:03 | 000,015,206 | -HS- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\6s7j3n5y784145qp541bq567xiv72586o528c6
    [2011/04/20 20:08:24 | 000,003,739 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2011/04/20 17:03:10 | 000,341,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011/04/16 15:53:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2011/04/14 21:28:42 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\System32\drivers\AVGIDSDriver.sys
    [2011/04/14 05:08:11 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
    [2011/04/14 05:08:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
    [2011/04/14 05:08:09 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
    [2011/04/14 05:07:59 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
    [2011/04/14 02:40:22 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
    [2011/04/13 11:33:03 | 006,698,880 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Seether - Pig.mp3
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/05/11 13:53:42 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/11 10:39:00 | 001,280,815 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\tdsskiller.zip
    [2011/05/10 20:51:30 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\MBR.dat
    [2011/05/10 20:49:24 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Regfix.reg
    [2011/05/04 23:53:00 | 000,003,157 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Attach.zip
    [2011/04/29 14:04:41 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    [2011/04/29 14:04:40 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
    [2011/04/29 13:55:04 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2011/04/27 22:36:59 | 000,015,206 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\6s7j3n5y784145qp541bq567xiv72586o528c6
    [2011/04/27 22:36:59 | 000,015,206 | -HS- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\6s7j3n5y784145qp541bq567xiv72586o528c6
    [2011/04/20 01:02:20 | 1071,796,224 | -HS- | C] () -- C:\hiberfil.sys
    [2010/12/14 04:03:41 | 001,359,176 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2010/07/20 12:48:24 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
    [2010/05/26 08:43:07 | 000,000,228 | ---- | C] () -- C:\WINDOWS\dellstat.ini
    [2010/05/10 19:27:10 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\PFP120JPR.{PB
    [2010/05/10 19:27:10 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\PFP120JCM.{PB
    [2010/04/06 14:17:17 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/03/30 15:01:15 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\PFP110JPR.{PB
    [2010/03/30 15:01:15 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\PFP110JCM.{PB
    [2010/03/22 19:32:41 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/02/24 01:40:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\prvlcl.dat
    [2010/02/20 23:49:40 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2009/12/23 03:00:20 | 398,762,585 | ---- | C] () -- C:\Program Files\mountandblade_1003_setup.exe
    [2009/11/29 22:34:11 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
    [2009/11/29 22:34:11 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
    [2009/11/29 22:34:10 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
    [2009/11/29 22:32:06 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
    [2009/11/22 17:47:55 | 000,000,258 | ---- | C] () -- C:\WINDOWS\System32\BDEMERGE.INI
    [2009/11/22 12:29:45 | 000,000,318 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
    [2009/11/22 12:29:20 | 000,001,100 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
    [2009/11/22 12:29:08 | 000,237,568 | R--- | C] () -- C:\WINDOWS\System32\hppapr02.DLL
    [2009/11/22 12:29:08 | 000,000,526 | R--- | C] () -- C:\WINDOWS\System32\hppapr02.DAT
    [2008/02/09 23:37:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
    [2007/08/13 22:48:26 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
    [2007/07/12 17:55:26 | 000,022,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
    [2007/07/02 18:05:35 | 000,099,904 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
    [2007/07/02 18:05:23 | 000,063,040 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
    [2007/06/04 18:40:15 | 000,000,347 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
    [2007/02/16 17:16:36 | 000,000,653 | ---- | C] () -- C:\WINDOWS\{0240BDFB-2995-4A3F-8C96-18D41282B716}_WiseFW.ini
    [2006/09/05 15:09:00 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
    [2006/09/03 16:32:06 | 000,002,301 | ---- | C] () -- C:\WINDOWS\mozver.dat
    [2006/08/20 21:03:31 | 000,004,001 | ---- | C] () -- C:\WINDOWS\hpdj3840.ini
    [2006/05/13 15:56:31 | 000,001,682 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
    [2006/05/13 15:56:31 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\1B4F1933F5.sys
    [2006/04/05 00:06:20 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
    [2006/02/13 23:05:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
    [2006/02/13 23:05:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
    [2006/02/13 23:05:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
    [2006/02/13 23:05:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
    [2006/02/13 23:05:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
    [2006/02/13 23:05:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
    [2006/02/13 23:05:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
    [2006/02/13 23:05:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
    [2006/02/13 23:05:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
    [2006/02/13 23:05:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
    [2005/08/10 08:17:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2005/08/10 08:07:03 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2005/08/10 08:04:00 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2005/08/10 07:38:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
    [2005/08/10 07:38:16 | 000,000,375 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2005/01/28 09:08:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
    [2004/08/10 14:12:05 | 000,000,891 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2004/08/10 14:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2004/08/10 14:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2004/08/10 14:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2004/08/10 13:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2004/08/10 13:57:15 | 000,341,032 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2004/08/10 13:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2004/08/10 13:51:20 | 000,442,774 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2004/08/10 13:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2004/08/10 13:51:20 | 000,071,848 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2004/08/10 13:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2004/08/10 13:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2004/08/10 13:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2004/08/10 13:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2004/08/10 13:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2004/08/10 13:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2004/08/10 13:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2004/08/10 13:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2004/02/10 16:08:00 | 000,000,373 | ---- | C] () -- C:\WINDOWS\System32\dlbccoin.ini
    [2002/11/13 16:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbcvs.dll
    [2001/07/06 17:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
    [1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

    < End of report >

  7. #17
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default



    How is your system behaving now?

  8. #18
    Junior Member
    Join Date
    Sep 2007
    Posts
    21

    Default

    A+ Thanks for your patience and lending your time to help me fix this. I know it's not an easy task but I appreciate it a lot. Hope I don't have to come back here for another five years though.

  9. #19
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default



    My pleasure

    Open OTL and click on Clean Up and it will remove programs we used to clean your system along with their backups.

    Safe Surfn
    Ken

  10. #20
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.
