-
Here's the OTL file created.
OTL logfile created on: 3/27/2010 1:47:45 PM - Run 2
OTL by OldTimer - Version 3.1.37.3 Folder = C:\
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
958.00 Mb Total Physical Memory | 447.00 Mb Available Physical Memory | 47.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 51.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.99 Gb Total Space | 52.09 Gb Free Space | 37.48% Space Free | Partition Type: NTFS
Drive D: | 10.06 Gb Total Space | 1.06 Gb Free Space | 10.58% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SARAH-PC
Current User Name: Sarah
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/03/22 18:17:44 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
PRC - [2010/03/20 16:33:32 | 002,059,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/03/20 16:33:22 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/03/20 16:33:20 | 000,617,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/03/20 16:33:07 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/03/20 16:32:46 | 000,596,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/03/20 16:32:43 | 005,888,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/03/20 16:32:21 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/03/20 16:32:16 | 001,086,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/03/20 16:32:05 | 000,836,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010/03/20 09:41:59 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe
PRC - [2010/01/21 19:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/12/20 23:09:28 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/05/18 22:23:00 | 000,106,593 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
PRC - [2007/05/18 22:22:58 | 000,266,339 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
PRC - [2007/04/09 14:27:08 | 000,071,176 | ---- | M] (Nortel Networks NA, Inc.) -- C:\Program Files\Nortel Networks\NvcRpcSvr.exe
PRC - [2007/01/10 07:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2007/01/06 00:04:10 | 000,554,616 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/01/05 10:19:28 | 000,047,712 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
========== Modules (SafeList) ==========
MOD - [2010/03/22 18:17:44 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
MOD - [2010/03/20 16:33:21 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2008/01/19 03:26:34 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/03/20 16:33:07 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/03/20 16:32:43 | 005,888,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/03/20 16:32:29 | 002,325,816 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2010/03/20 16:32:23 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/01/21 19:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/01/18 14:14:24 | 001,141,712 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/12/09 15:23:34 | 000,365,280 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/07/25 08:03:56 | 001,174,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/05/18 22:23:00 | 000,106,593 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2007/05/18 22:22:58 | 000,266,339 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2007/04/09 14:27:08 | 000,071,176 | ---- | M] (Nortel Networks NA, Inc.) [Auto | Running] -- C:\Program Files\Nortel Networks\NvcRpcSvr.exe -- (NvcRpcServer)
SRV - [2007/01/14 09:11:06 | 000,080,504 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc)
SRV - [2007/01/13 05:40:58 | 000,049,248 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/10 07:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2007/01/10 07:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/01/10 07:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007/01/09 17:55:34 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
SRV - [2007/01/06 00:04:10 | 002,918,008 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/01/06 00:04:10 | 000,554,616 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/01/05 10:19:28 | 000,047,712 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/access/autosearch.asp?p=%s
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.783
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/03/20 16:40:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/27 08:01:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/27 08:01:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/09/01 13:01:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2009/12/30 16:49:29 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Mozilla\Extensions
[2010/03/27 08:12:00 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\crrdj11o.default\extensions
[2009/12/30 16:57:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\crrdj11o.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/22 20:58:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/09/22 11:15:24 | 000,404,992 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll
O1 HOSTS File: ([2010/03/23 17:39:44 | 000,006,977 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 99.189.54
O1 - Hosts: 127.0.0.1 99.189.52
O1 - Hosts: 127.0.0.1 99.14.103
O1 - Hosts: 127.0.0.1 98.223.73
O1 - Hosts: 127.0.0.1 97.80.137
O1 - Hosts: 127.0.0.1 95.134.16
O1 - Hosts: 127.0.0.1 95.133.8.
O1 - Hosts: 127.0.0.1 95.133.23
O1 - Hosts: 127.0.0.1 95.133.23
O1 - Hosts: 127.0.0.1 95.133.14
O1 - Hosts: 127.0.0.1 95.133.11
O1 - Hosts: 127.0.0.1 95.105.17
O1 - Hosts: 127.0.0.1 94.53.2.1
O1 - Hosts: 127.0.0.1 94.23.201
O1 - Hosts: 127.0.0.1 94.179.55
O1 - Hosts: 127.0.0.1 94.179.48
O1 - Hosts: 127.0.0.1 94.179.19
O1 - Hosts: 127.0.0.1 94.179.11
O1 - Hosts: 127.0.0.1 94.178.65
O1 - Hosts: 127.0.0.1 93.39.197
O1 - Hosts: 127.0.0.1 93.186.17
O1 - Hosts: 127.0.0.1 93.136.83
O1 - Hosts: 127.0.0.1 93.112.91
O1 - Hosts: 273 more lines...
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBHO.dll (Symantec Corporation)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\5.0.342.0\npchrome_frame.dll (@COMPANY_FULLNAME@)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IS CfgWiz] C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe (Symantec Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GoZone iSync.lnk = C:\Program Files\GoZone\GoZone_iSync.exe (Virgin HealthMiles Inc.)
O4 - Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: waynemutual.com ([sslvpn] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite....x/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/...oUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {11FAB11B-4792-4B59-85DF-23C6688B07B3} https://sslvpn.waynemutual.com/XTSAC.cab (XTSAC Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www2.snapfish.com/SnapfishActivia.cab (Snapfish Activia)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/...Uploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab (mhLabel Class)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {DD5E6739-FDD6-4542-8940-4A4B8AB5276E} https://sslvpn.waynemutual.com/NGVPNTunnel.cab (NGVPLaunch Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cf - No CLSID value found
O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\5.0.342.0\npchrome_frame.dll (@COMPANY_FULLNAME@)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/25 08:42:24 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = secfile] -- Reg Error: Value error. File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
========== Files/Folders - Created Within 14 Days ==========
[2010/03/23 06:51:43 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\FreeFixer
[2010/03/23 06:51:43 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\FreeFixer
[2010/03/23 06:51:10 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFixer
[2010/03/23 06:03:43 | 000,000,000 | -HSD | C] -- C:\found.000
[2010/03/22 19:54:49 | 000,000,000 | ---D | C] -- C:\Users\Sarah\Favorites\Desktop\New Folder
[2010/03/22 18:19:22 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\OTL.exe
[2010/03/22 18:11:51 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\AVG9
[2010/03/21 19:36:34 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/03/21 12:50:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/03/21 12:50:50 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/03/21 12:50:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/21 10:38:46 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Malwarebytes
[2010/03/21 10:36:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/03/20 16:33:21 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/03/20 11:33:46 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/03/20 11:33:19 | 000,025,096 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSvx.sys
[2010/03/20 11:33:18 | 000,052,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2010/03/20 11:33:16 | 000,242,696 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/03/20 11:33:00 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/03/20 11:32:58 | 000,029,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/03/20 11:32:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2010/03/20 11:29:00 | 000,024,856 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgfwd6x.sys
[2010/03/20 11:28:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/03/20 11:28:37 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010/03/20 10:13:50 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2010/03/20 10:13:49 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2010/03/20 10:13:49 | 001,640,400 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll.old
[2010/03/20 10:13:49 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2010/03/20 10:00:48 | 000,233,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010/03/20 10:00:48 | 000,100,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010/03/20 10:00:26 | 000,207,280 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/03/20 10:00:25 | 000,087,784 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2010/03/20 09:59:49 | 000,070,408 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/03/20 09:59:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/03/20 09:59:32 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/03/20 09:59:32 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\PC Tools
[2010/03/20 09:59:32 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010/03/19 17:17:10 | 000,000,000 | -H-D | C] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/03/19 17:14:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010/03/19 17:14:26 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/03/19 16:34:02 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/03/19 12:21:03 | 000,000,000 | ---D | C] -- C:\Program Files\DVDFab 7
[2010/03/19 10:53:20 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\DVDFab
[2008/01/04 19:34:19 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Sarah\AppData\Roaming\pcouffin.sys
========== Files - Modified Within 14 Days ==========
[2010/03/27 13:52:48 | 003,145,728 | -HS- | M] () -- C:\Users\Sarah\ntuser.dat
[2010/03/27 13:47:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/27 13:45:02 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/03/27 13:45:02 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/03/27 13:32:10 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2560255393-9658072-2611782331-1000UA.job
[2010/03/27 11:01:02 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/03/27 09:47:01 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/27 07:53:57 | 000,000,162 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/03/27 07:52:37 | 000,068,645 | ---- | M] () -- C:\Users\Sarah\AppData\Roaming\nvModes.001
[2010/03/27 07:49:08 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/03/27 07:48:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/03/27 07:48:38 | 1005,486,080 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/27 06:52:55 | 057,977,134 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/03/26 19:32:10 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2560255393-9658072-2611782331-1000Core.job
[2010/03/23 20:51:53 | 000,524,288 | -HS- | M] () -- C:\Users\Sarah\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/03/23 20:51:53 | 000,065,536 | -HS- | M] () -- C:\Users\Sarah\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/03/23 20:51:48 | 003,125,662 | -H-- | M] () -- C:\Users\Sarah\AppData\Local\IconCache.db
[2010/03/23 20:19:24 | 175,470,682 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/03/23 20:11:48 | 000,011,412 | -HS- | M] () -- C:\ProgramData\VH56DJI7u87yo
[2010/03/23 17:39:44 | 000,006,977 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/03/23 06:52:42 | 000,011,432 | -HS- | M] () -- C:\Users\Sarah\AppData\Local\VH56DJI7u87yo
[2010/03/23 06:19:51 | 000,007,268 | ---- | M] () -- C:\Users\Sarah\AppData\Local\d3d9caps.dat
[2010/03/22 19:39:17 | 000,011,446 | -HS- | M] () -- C:\ProgramData\1363166623
[2010/03/22 18:18:00 | 000,293,376 | ---- | M] () -- C:\if1xljrs.exe
[2010/03/22 18:17:44 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2010/03/22 18:11:05 | 000,068,645 | ---- | M] () -- C:\Users\Sarah\AppData\Roaming\nvModes.dat
[2010/03/21 14:08:00 | 000,002,523 | ---- | M] () -- C:\Users\Sarah\Favorites\Desktop\HiJackThis.lnk
[2010/03/21 12:50:57 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/20 17:33:23 | 000,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/03/20 17:33:23 | 000,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/03/20 17:33:23 | 000,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/03/20 16:33:28 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/03/20 16:33:21 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/03/20 16:33:21 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/03/20 16:32:51 | 000,025,096 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSvx.sys
[2010/03/20 16:32:22 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/03/20 16:32:08 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2010/03/20 11:33:22 | 000,001,647 | ---- | M] () -- C:\Users\Public\Desktop\AVG 9.0.lnk
[2010/03/20 11:32:58 | 000,572,937 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavifw.avm
[2010/03/20 11:32:57 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/03/20 11:32:40 | 006,061,540 | ---- | M] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2010/03/20 11:32:40 | 000,492,629 | ---- | M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2010/03/20 11:32:40 | 000,142,495 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2010/03/20 11:29:00 | 000,024,856 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgfwd6x.sys
[2010/03/20 09:46:37 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/03/20 09:09:18 | 003,145,728 | -HS- | M] () -- C:\Users\Sarah\ntuser.dat_previous
[2010/03/19 16:28:45 | 000,000,036 | ---- | M] () -- C:\Users\Sarah\AppData\Local\housecall.guid.cache
[2010/03/16 20:09:24 | 000,224,256 | ---- | M] () -- C:\Users\Sarah\Favorites\Desktop\Loan_calc_extra_payments.xls
[2010/03/14 21:15:03 | 000,000,062 | ---- | M] () -- C:\Users\Sarah\Favorites\Desktop\Web History.URL
[2010/03/14 21:15:03 | 000,000,062 | ---- | M] () -- C:\Users\Sarah\Documents\Web History.URL
========== Files Created - No Company Name ==========
[2010/03/23 06:09:55 | 1005,486,080 | -HS- | C] () -- C:\hiberfil.sys
[2010/03/22 19:38:46 | 000,011,446 | -HS- | C] () -- C:\ProgramData\1363166623
[2010/03/22 19:38:46 | 000,011,432 | -HS- | C] () -- C:\Users\Sarah\AppData\Local\VH56DJI7u87yo
[2010/03/22 18:19:22 | 000,293,376 | ---- | C] () -- C:\if1xljrs.exe
[2010/03/22 11:36:45 | 000,011,412 | -HS- | C] () -- C:\ProgramData\VH56DJI7u87yo
[2010/03/21 14:03:16 | 000,002,523 | ---- | C] () -- C:\Users\Sarah\Favorites\Desktop\HiJackThis.lnk
[2010/03/21 12:50:57 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/20 11:33:22 | 000,001,647 | ---- | C] () -- C:\Users\Public\Desktop\AVG 9.0.lnk
[2010/03/20 11:32:57 | 000,572,937 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavifw.avm
[2010/03/20 11:32:57 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/03/20 11:32:40 | 057,977,134 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/03/20 11:32:40 | 006,061,540 | ---- | C] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2010/03/20 11:32:40 | 000,492,629 | ---- | C] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2010/03/20 11:32:40 | 000,142,495 | ---- | C] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2010/03/20 10:13:50 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2010/03/20 10:13:50 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/03/20 10:13:50 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2010/03/20 10:13:50 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2010/03/20 10:13:50 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2010/03/20 10:13:49 | 001,152,444 | ---- | C] () -- C:\Windows\UDB.zip
[2010/03/20 10:00:48 | 000,007,387 | ---- | C] () -- C:\Windows\System32\drivers\pctgntdi.cat
[2010/03/20 10:00:26 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctcore.cat
[2010/03/20 10:00:25 | 000,007,412 | ---- | C] () -- C:\Windows\System32\drivers\PCTAppEvent.cat
[2010/03/20 09:59:49 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctplsg.cat
[2010/03/19 16:28:45 | 000,000,036 | ---- | C] () -- C:\Users\Sarah\AppData\Local\housecall.guid.cache
[2010/03/19 07:29:16 | 000,000,062 | ---- | C] () -- C:\Users\Sarah\Documents\Web History.URL
[2010/03/14 21:15:03 | 000,000,062 | ---- | C] () -- C:\Users\Sarah\Favorites\Desktop\Web History.URL
[2010/03/14 16:24:55 | 000,224,256 | ---- | C] () -- C:\Users\Sarah\Favorites\Desktop\Loan_calc_extra_payments.xls
[2008/04/11 07:54:45 | 000,007,268 | ---- | C] () -- C:\Users\Sarah\AppData\Local\d3d9caps.dat
[2008/02/06 23:01:27 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008/02/06 22:57:32 | 000,000,077 | ---- | C] () -- C:\Windows\EPSC120.ini
[2008/01/11 16:23:14 | 000,019,968 | ---- | C] () -- C:\Users\Sarah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/04 21:58:40 | 000,000,452 | ---- | C] () -- C:\Users\Sarah\AppData\Roaming\wklnhst.dat
[2008/01/04 19:35:35 | 000,000,033 | ---- | C] () -- C:\Users\Sarah\AppData\Roaming\pcouffin.log
[2008/01/04 19:34:19 | 000,087,608 | ---- | C] () -- C:\Users\Sarah\AppData\Roaming\ezpinst.exe
[2008/01/04 19:34:19 | 000,007,824 | ---- | C] () -- C:\Users\Sarah\AppData\Roaming\pcouffin.cat
[2008/01/04 19:34:19 | 000,001,144 | ---- | C] () -- C:\Users\Sarah\AppData\Roaming\pcouffin.inf
[2007/12/24 13:30:03 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2007/12/23 14:25:52 | 000,000,000 | ---- | C] () -- C:\Users\Sarah\AppData\Local\FnF4.txt
[2007/12/22 16:43:17 | 000,068,645 | ---- | C] () -- C:\Users\Sarah\AppData\Roaming\nvModes.001
[2007/12/22 16:43:10 | 000,068,645 | ---- | C] () -- C:\Users\Sarah\AppData\Roaming\nvModes.dat
[2007/12/20 12:46:35 | 000,000,000 | ---- | C] () -- C:\Users\Sarah\AppData\Local\QSwitch.txt
[2007/12/20 12:46:35 | 000,000,000 | ---- | C] () -- C:\Users\Sarah\AppData\Local\DSwitch.txt
[2007/12/20 12:46:35 | 000,000,000 | ---- | C] () -- C:\Users\Sarah\AppData\Local\AtStart.txt
[2007/07/25 08:31:36 | 000,000,320 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2007/02/27 16:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/12/14 02:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/12/14 02:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/05/06 17:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
========== LOP Check ==========
[2010/03/22 18:11:51 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\AVG9
[2008/04/17 10:06:57 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Canon
[2010/03/19 10:53:20 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\DVDFab
[2010/02/21 17:15:52 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Facebook
[2010/03/23 07:18:42 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\FreeFixer
[2008/02/06 23:07:16 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Leadertech
[2008/08/27 20:55:50 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Medstrat
[2009/12/24 15:16:35 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\MoveFab
[2010/01/24 09:27:01 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Snapfish
[2008/01/04 21:59:11 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Template
[2007/12/26 21:38:41 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Thunderbird
[2010/03/20 09:08:38 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\uTorrent
[2010/03/19 16:51:40 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Vso
[2008/01/28 22:04:46 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\WildTangent
[2010/03/23 20:52:55 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 158 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
< End of report >
-
I just noticed the hosts file.... last time i checked this, there was only 2 entries. now there's a bunch. what added them? is that normal?
Thanks
Matt.
Last edited by tashi; 2010-05-06 at 18:54.
Reason: Date of Archive
-
Hey Matt sorry for the long delay in getting back to you here. I don't remember ever getting notified that you responded back.
The HOSTS file does need to be reset.
Download the HostsXpert 4.3 - Hosts File Manager.
- Unzip HostsXpert 4.3 - Hosts File Manager to a convenient folder such as C:\HostsXpert 4.3 - Hosts File Manager
- Run HostsXpert 4.3 - Hosts File Manager from its new home
- Click on "File Handling".
- Click on "Restore MS Hosts File".
- Click OK on the Confirmation box.
- Click on "Make Read Only?"
- Click the X to exit the program.
- Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.
Run OTL again and give me an update on how it's running.
-
Did you still want help here Matt?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules