Browser Redirecting all the time

soar3

New member
I am having the notorious browser redirection whenever I try to do searches on all search engines such as google or yahoo. I have run Malwarebytes Anti-malware software and it comes up clean. I have McAfee antivirus and it scanned my computer clean, also. I do not know where else to go except here. :)
My Hijack Log is as follows:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:15:15 PM, on 3/22/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DNA\btdna.exe
D:\Program Files 2\palmOne\Hotsync.exe
D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Common Files\Teleca Shared\logger.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\WINDOWS\system32\HPZipm12.exe
D:\Program Files 2\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files 2\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre6\bin\ssv.dll (file missing)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (file missing)
O3 - Toolbar: DataVault Bar - {0D792CB2-2654-4E99-A597-7FC317F04D61} - D:\Program Files 2\DataVault\ie.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [Mobile Connectivity Suite] "C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = D:\Program Files 2\palmOne\Hotsync.exe
O4 - Global Startup: hp psc 2000 Series.lnk = D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: officejet 6100.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Save to DataVault - file://D:\Program Files 2\DataVault\iemenuext.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.shockwave.com/content/dinerdash2/sis/DinerDash2.1.0.0.67.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - F:\Program Files\Java\jre6\bin\jqs.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

--
End of file - 10082 bytes

Hello,

It's been four days and I am still having problems and I still haven't had any responses to my original request. This is my new updated HijackThis log just in case some things have changed.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:55:35 PM, on 3/26/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DNA\btdna.exe
D:\Program Files 2\palmOne\Hotsync.exe
D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Common Files\Teleca Shared\logger.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe
D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
C:\WINDOWS\system32\HPZipm12.exe
D:\Program Files 2\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files 2\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre6\bin\ssv.dll (file missing)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (file missing)
O3 - Toolbar: DataVault Bar - {0D792CB2-2654-4E99-A597-7FC317F04D61} - D:\Program Files 2\DataVault\ie.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [Mobile Connectivity Suite] "C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = D:\Program Files 2\palmOne\Hotsync.exe
O4 - Global Startup: hp psc 2000 Series.lnk = D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: officejet 6100.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Save to DataVault - file://D:\Program Files 2\DataVault\iemenuext.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com.../en/x86/MuCatalogWebControl.cab?1269584490093
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.shockwave.com/content/dinerdash2/sis/DinerDash2.1.0.0.67.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1269583947859
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - F:\Program Files\Java\jre6\bin\jqs.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

--
End of file - 10729 bytes
 
Hello and welcome to Safer Networking Forums

My handle is shinybeast and I will be assisting you in the removal of malware your computer may have.

Please follow these guidelines as we work to clean your computer.
  • Read through the instructions before you perform them and if you have questions please ask before you perform them. Please do not guess. I will be happy to clarify or explain.
  • Perform all instructions in the order given.
  • Stick with the process until I give you an "all clean." If the symptoms are gone, it does not necessarily mean your computer is safe and secure.
  • Do not run any other tools to remove malware while we are working.
  • If your security software throws up warnings about some of these tools, please allow these tools to run.
  • If you have not done so, please take time to read the "BEFORE you POST" sticky where the preliminary tasks and conditions for receiving help at this forum are explained.


Scan with OTL

Click here to download OTL by OldTimer and save it to your Desktop
  • Close all other open windows, then double-click OTL to start the tool.
  • Under Output, ensure that Minimal Output is selected
  • Copy the text in the code box below and paste it into the Custom Scans/Fixes box (under the cyan line at the bottom of the window)
    Code:
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT
  • Click Run Scan in upper left of window.
  • When the scan is finished, two logs will open:
    OTL.Txt <-- Will be opened
    Extras.Txt <-- Will be minimized
  • Please post the contents of the two logs in your next reply.
 
Here are the OTL and Extras files.

OTL logfile created on: 3/26/2010 8:40:50 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = D:\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 30.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 75.00 Gb Total Space | 62.38 Gb Free Space | 83.17% Space Free | Partition Type: NTFS
Drive D: | 100.00 Gb Total Space | 84.79 Gb Free Space | 84.79% Space Free | Partition Type: NTFS
Drive E: | 123.09 Gb Total Space | 80.87 Gb Free Space | 65.70% Space Free | Partition Type: NTFS
Drive F: | 5.58 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 698.64 Gb Total Space | 420.67 Gb Free Space | 60.21% Space Free | Partition Type: NTFS
Drive H: | 3.81 Gb Total Space | 0.13 Gb Free Space | 3.28% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded

Computer Name: AMD
Current User Name: Emmett & Roz
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - D:\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\MPF\MpfSrv.exe (McAfee, Inc.)
PRC - C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
PRC - C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
PRC - c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
PRC - C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe (Teleca)
PRC - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\dbgout.exe (Teleca Sweden AB)
PRC - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe (Teleca Sweden AB)
PRC - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe (TODO: <Company name>)
PRC - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe (Teleca AB)
PRC - C:\Program Files\Common Files\Teleca Shared\logger.exe (Popwire AB)
PRC - C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe (Teleca Sweden AB)
PRC - C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe (Teleca Sweden AB)
PRC - C:\Program Files\Common Files\Teleca Shared\Generic.exe (Teleca AB)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\snmp.exe (Microsoft Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe ()
PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
PRC - C:\WINDOWS\system32\tcpsvcs.exe (Microsoft Corporation)
PRC - C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe (Roxio)
PRC - D:\Program Files 2\palmOne\Hotsync.exe (PalmSource, Inc)
PRC - D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hposts08.exe (Hewlett-Packard Co.)
PRC - D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe (Hewlett-Packard Co.)
PRC - D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hposol08.exe (Hewlett-Packard Co.)
PRC - D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe (Hewlett-Packard Co.)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)


========== Modules (SafeList) ==========

MOD - D:\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (JavaQuickStarterService) -- File not found
SRV - (MpfService) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (McSysmon) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (McProxy) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (McNASvc) -- c:\program files\common files\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
SRV - (SNMP) -- C:\WINDOWS\system32\snmp.exe (Microsoft Corporation)
SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe (NVIDIA Corporation)
SRV - (nSvcLog) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe (NVIDIA Corporation)
SRV - (nTuneService) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (p2pgasvc) -- C:\WINDOWS\system32\p2pgasvc.dll (Microsoft Corporation)
SRV - (Iprip) -- C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)
SRV - (SimpTcp) -- C:\WINDOWS\system32\tcpsvcs.exe (Microsoft Corporation)
SRV - (ForcewareWebInterface) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe (Apache Software Foundation)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)


========== Driver Services (SafeList) ==========

DRV - (nvata) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation)
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfesmfk) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (PalmUSBD) -- C:\WINDOWS\system32\drivers\PalmUSBD.sys (PalmSource, Inc.)
DRV - (MPFP) -- C:\WINDOWS\system32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (HTCAND32) -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys (HTC1124 Inc)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (CO_Mon) -- C:\WINDOWS\system32\drivers\CO_Mon.sys ()
DRV - (FXDrv32) -- D:\Program Files 2\Fox LiveUpdate\FXDrv32.sys (Your Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (NVTCP) -- C:\WINDOWS\system32\drivers\nvtcp.sys (NVIDIA Corporation)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (AFS2K) -- C:\WINDOWS\system32\drivers\AFS2K.SYS (Oak Technology Inc.)
DRV - (cdudf_xp) -- C:\WINDOWS\system32\drivers\Cdudf_xp.sys (Roxio)
DRV - (dvd_2K) -- C:\WINDOWS\system32\drivers\dvd_2k.sys (Roxio)
DRV - (DVDVRRdr_xp) -- C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys (Windows (R) 2000 DDK provider)
DRV - (UDFReadr) -- C:\WINDOWS\system32\drivers\Udfreadr.sys (Roxio)
DRV - (mmc_2K) -- C:\WINDOWS\system32\drivers\mmc_2k.sys (Roxio)
DRV - (pwd_2k) -- C:\WINDOWS\system32\drivers\Pwd_2k.sys (Roxio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:4.0.0
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.7


FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: F:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF - HKLM\software\mozilla\Firefox\extensions\\datavault@ascendo.inc: D:\Program Files 2\DataVault\firefox [2009/07/26 20:29:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/23 16:13:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/25 22:37:47 | 000,000,000 | ---D | M]

[2008/08/26 23:09:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Emmett & Roz\Application Data\Mozilla\Extensions
[2010/03/25 23:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Emmett & Roz\Application Data\Mozilla\Firefox\Profiles\hlyrl83w.default\extensions
[2010/03/25 21:34:30 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Emmett & Roz\Application Data\Mozilla\Firefox\Profiles\hlyrl83w.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/03/21 20:17:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Emmett & Roz\Application Data\Mozilla\Firefox\Profiles\hlyrl83w.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2009/10/04 05:38:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Emmett & Roz\Application Data\Mozilla\Firefox\Profiles\hlyrl83w.default\extensions\en-US@dictionaries.addons.mozilla.org
[2010/03/25 23:29:21 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/09/03 20:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll

O1 HOSTS File: ([2006/02/28 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre6\bin\ssv.dll File not found
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File not found
O3 - HKLM\..\Toolbar: (DataVault Bar) - {0D792CB2-2654-4E99-A597-7FC317F04D61} - D:\Program Files 2\DataVault\ie.dll (Ascendo Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Mobile Connectivity Suite] C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe (Teleca Sweden AB)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe (Roxio)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HOTSYNCSHORTCUTNAME.lnk = D:\Program Files 2\palmOne\Hotsync.exe (PalmSource, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp psc 2000 Series.lnk = D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\officejet 6100.lnk = D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hposol08.exe (Hewlett-Packard Co.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files 2\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8 - Extra context menu item: Save to DataVault - D:\Program Files 2\DataVault\iemenuext.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com.../en/x86/MuCatalogWebControl.cab?1269584490093 (MUCatalogWebControl Class)
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} http://www.shockwave.com/content/dinerdash2/sis/DinerDash2.1.0.0.67.cab (CPlayFirstDinerDash2Control Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1269583947859 (MUWebControl Class)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/common/groove/gx/GrooveAX27.cab (Groove Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe (Virtools WebPlayer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.77.134 68.87.72.134
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/01/01 20:46:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/10/04 17:02:54 | 000,000,279 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{04aa6c64-5b9a-11de-ab9f-001558454c84}\Shell\AutoRun\command - "" = slacker.synclauncher.exe
O33 - MountPoints2\{04aa6c64-5b9a-11de-ab9f-001558454c84}\Shell\slacker\command - "" = slacker.synclauncher.exe
O33 - MountPoints2\{05767302-3157-11df-abe4-001558454c84}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
O33 - MountPoints2\{18d78fee-a334-11db-82b0-001558454c84}\Shell - "" = AutoRun
O33 - MountPoints2\{18d78fee-a334-11db-82b0-001558454c84}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{18d78fee-a334-11db-82b0-001558454c84}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- [2006/09/19 21:00:25 | 001,114,112 | R--- | M] ()
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007/01/11 14:43:07 | 000,000,000 | ---D | M]
NetSvcs: Iprip - C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16891891626803200)

========== Files/Folders - Created Within 30 Days ==========

[2010/03/26 02:10:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/03/21 21:20:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Emmett & Roz\Recent
[2010/03/21 20:17:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Emmett & Roz\Application Data\QuickScan
[2010/03/21 09:55:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Emmett & Roz\My Documents\Downloads
[2010/03/20 18:21:14 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/03/18 23:39:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/03/18 23:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/03/16 20:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/03/16 20:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/03/16 20:23:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/03/16 20:19:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Emmett & Roz\Application Data\vlc
[2010/03/16 19:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/03/16 17:51:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/03/03 17:21:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/07/26 19:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/07/26 11:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/06/18 21:08:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Roxio
[2009/02/19 20:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2008/09/24 19:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2007/01/01 20:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2007/01/01 20:46:05 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[16 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/26 19:58:00 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/26 19:02:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cac6ee7160a75a.job
[2010/03/26 16:49:57 | 000,040,091 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2010/03/26 02:10:16 | 000,356,120 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/26 02:10:16 | 000,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/26 02:10:16 | 000,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/26 02:08:16 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/26 02:06:23 | 000,050,257 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/03/26 02:05:59 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/26 02:05:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/26 02:05:56 | 2147,012,608 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/26 01:51:37 | 000,012,952 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\3060145843
[2010/03/26 01:51:36 | 000,012,952 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\3121143946
[2010/03/26 01:51:25 | 000,012,940 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\3121143946
[2010/03/26 01:51:25 | 000,012,940 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\2Q757bFxJ7S
[2010/03/26 01:42:03 | 000,012,940 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\2Q757bFxJ7S
[2010/03/25 23:40:58 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/25 23:16:52 | 006,291,456 | ---- | M] () -- C:\Documents and Settings\Emmett & Roz\ntuser.dat
[2010/03/25 23:16:52 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\ntuser.ini
[2010/03/25 08:48:23 | 000,105,344 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvata.sys
[2010/03/24 19:44:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/03/23 16:13:16 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/03/23 05:51:01 | 000,014,514 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\1365645513
[2010/03/23 05:51:01 | 000,014,514 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\1365645513
[2010/03/23 05:48:07 | 000,002,855 | ---- | M] () -- C:\Documents and Settings\Emmett & Roz\Desktop\Shortcut to rkill(2).com.pif
[2010/03/23 05:47:24 | 000,014,522 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\1489984059
[2010/03/23 05:47:24 | 000,014,522 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\1489984059
[2010/03/23 05:47:13 | 000,014,522 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\Mh3jm32txN
[2010/03/23 05:47:12 | 000,014,518 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\Mh3jm32txN
[2010/03/23 05:46:14 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/03/22 21:43:20 | 000,200,704 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\128822158.dll
[2010/03/21 11:02:32 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/03/21 10:39:44 | 022,061,994 | ---- | M] () -- C:\Documents and Settings\Emmett & Roz\Desktop\YouTube- Michael Jackson - Bad.mp4
[2010/03/20 18:21:13 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/03/16 20:19:26 | 000,000,633 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/03/16 20:08:16 | 018,499,623 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\vlc-1.0.5-win32.exe
[2010/03/16 16:51:09 | 000,010,500 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\p4RkMAQM
[2010/03/16 16:51:09 | 000,010,500 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\p4RkMAQM
[2010/03/15 01:00:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2010/03/13 18:16:06 | 000,002,325 | ---- | M] () -- C:\Documents and Settings\Emmett & Roz\Desktop\Microsoft Streets & Trips.lnk
[2010/03/13 17:36:55 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/13 06:38:08 | 000,013,250 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\Ofp41Kak
[2010/03/07 07:18:26 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\Emmett & Roz\Desktop\CCleaner.lnk
[2010/03/01 02:00:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[16 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/26 01:51:33 | 000,012,952 | -HS- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\3121143946
[2010/03/26 01:51:33 | 000,012,952 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\3060145843
[2010/03/26 01:50:14 | 000,012,940 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\3121143946
[2010/03/26 01:50:14 | 000,012,940 | -HS- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\2Q757bFxJ7S
[2010/03/25 23:40:38 | 000,012,940 | -HS- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\2Q757bFxJ7S
[2010/03/25 23:40:38 | 000,012,940 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2Q757bFxJ7S
[2010/03/23 05:49:08 | 000,014,514 | -HS- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\1365645513
[2010/03/23 05:49:08 | 000,014,514 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\1365645513
[2010/03/23 05:48:23 | 000,002,855 | ---- | C] () -- C:\Documents and Settings\Emmett & Roz\Desktop\Shortcut to rkill(2).com.pif
[2010/03/23 05:47:23 | 000,014,522 | -HS- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\1489984059
[2010/03/23 05:47:23 | 000,014,522 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\1489984059
[2010/03/23 05:46:14 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/23 05:46:14 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/03/23 05:46:10 | 000,014,518 | -HS- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Mh3jm32txN
[2010/03/22 21:53:30 | 2147,012,608 | -HS- | C] () -- C:\hiberfil.sys
[2010/03/22 21:37:20 | 000,200,704 | -HS- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\128822158.dll
[2010/03/22 21:36:59 | 000,014,522 | -HS- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\Mh3jm32txN
[2010/03/22 21:36:59 | 000,014,518 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\Mh3jm32txN
[2010/03/21 10:39:43 | 022,061,994 | ---- | C] () -- C:\Documents and Settings\Emmett & Roz\Desktop\YouTube- Michael Jackson - Bad.mp4
[2010/03/18 18:57:54 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cac6ee7160a75a.job
[2010/03/16 20:19:26 | 000,000,633 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/03/16 19:56:37 | 018,499,623 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\vlc-1.0.5-win32.exe
[2010/03/16 16:46:39 | 000,010,500 | -HS- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\p4RkMAQM
[2010/03/16 16:46:39 | 000,010,500 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\p4RkMAQM
[2010/03/13 00:55:25 | 000,013,250 | -HS- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\Ofp41Kak
[2010/01/02 20:55:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DbgOut.INI
[2009/11/17 20:36:46 | 001,408,800 | ---- | C] () -- C:\Program Files\MoveMediaPlayerWin_071505000011.exe
[2009/09/06 09:44:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2009/05/16 19:22:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2008/09/19 17:57:34 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/09/19 17:55:10 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/09/19 17:55:10 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/09/19 17:54:18 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/09/13 19:30:19 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameZ.txt
[2007/07/02 20:21:36 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2007/07/02 20:21:33 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
[2007/06/26 22:03:43 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Emmett & Roz\Application Data\usb.dat.bin
[2007/04/08 16:14:12 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/03/26 22:32:31 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\CO_Mon.sys
[2007/03/18 16:31:25 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/02/02 19:53:01 | 000,111,376 | ---- | C] () -- C:\WINDOWS\System32\expat.dll
[2007/02/02 19:53:01 | 000,040,752 | ---- | C] () -- C:\WINDOWS\System32\agcrypto.dll
[2007/01/28 22:21:31 | 000,000,158 | ---- | C] () -- C:\WINDOWS\pagesuit.ini
[2007/01/28 22:21:30 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
[2007/01/25 21:11:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/01/25 05:59:51 | 000,000,167 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2007/01/06 19:15:36 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/03 22:11:36 | 000,000,114 | ---- | C] () -- C:\WINDOWS\NVProfileManager.INI
[2007/01/03 22:11:19 | 000,000,108 | ---- | C] () -- C:\WINDOWS\NVMonitor.INI
[2007/01/02 00:32:42 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/01/01 22:36:40 | 000,000,080 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2007/01/01 22:35:56 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/03/13 01:48:18 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2006/03/09 03:29:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/03/09 03:29:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/03/09 03:29:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/03/09 03:29:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/03/09 03:29:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/03/09 03:29:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/03/09 03:29:00 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/02/28 08:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2005/08/31 12:43:32 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
[2002/05/29 09:50:02 | 000,552,960 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2006/02/28 08:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2006/02/28 08:00:00 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006/02/28 08:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2006/02/28 08:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006/02/28 08:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2006/02/28 08:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2006/02/28 08:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2006/02/28 08:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2006/02/28 08:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATA.SYS >
[2010/03/25 08:48:23 | 000,105,344 | ---- | M] (NVIDIA Corporation) MD5=DC1F9954B5EDDD147AF7E5C420BE7B93 -- C:\WINDOWS\system32\drivers\nvata.sys

< MD5 for: SCECLI.DLL >
[2006/02/28 08:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2006/02/28 08:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2007/08/22 09:12:16 | 000,357,888 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2007/08/22 09:12:16 | 000,205,312 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
[16 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2007/01/11 14:47:42 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007/01/11 19:12:16 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2007/01/11 14:47:42 | 018,612,224 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007/01/11 14:47:42 | 007,077,888 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

========== Alternate Data Streams ==========

@Alternate Data Stream - 226 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D2A5A561
@Alternate Data Stream - 211 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:80B291A7
@Alternate Data Stream - 199 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7BA6D322
@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BDBBA690
@Alternate Data Stream - 160 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0E799D7F
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:73828A71
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CDCEE6BF
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:22741C1F
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3A6BC948
< End of report >


OTL Extras logfile created on: 3/26/2010 8:40:50 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = D:\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 30.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 75.00 Gb Total Space | 62.38 Gb Free Space | 83.17% Space Free | Partition Type: NTFS
Drive D: | 100.00 Gb Total Space | 84.79 Gb Free Space | 84.79% Space Free | Partition Type: NTFS
Drive E: | 123.09 Gb Total Space | 80.87 Gb Free Space | 65.70% Space Free | Partition Type: NTFS
Drive F: | 5.58 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 698.64 Gb Total Space | 420.67 Gb Free Space | 60.21% Space Free | Partition Type: NTFS
Drive H: | 3.81 Gb Total Space | 0.13 Gb Free Space | 3.28% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded

Computer Name: AMD
Current User Name: Emmett & Roz
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Program Files 2\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files 2\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" %*
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files 2\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files 2\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home -- (Nero AG)
"D:\Program Files 2\Veoh Networks\Veoh\VeohClient.exe" = D:\Program Files 2\Veoh Networks\Veoh\VeohClient.exe:*:Disabled:Veoh Client -- (Veoh Networks)
"C:\Documents and Settings\Emmett & Roz\Application Data\U3\0000060421109868\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe" = C:\Documents and Settings\Emmett & Roz\Application Data\U3\0000060421109868\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe:*:Enabled:Skype -- File not found
"C:\Documents and Settings\Emmett & Roz\Application Data\U3\0000186F6A60CEB7\0DE4F643-C398-46ec-9339-2362F2311932\Exec\skype.exe" = C:\Documents and Settings\Emmett & Roz\Application Data\U3\0000186F6A60CEB7\0DE4F643-C398-46ec-9339-2362F2311932\Exec\skype.exe:*:Enabled:Skype -- File not found
"D:\Program Files 2\iTunes\iTunes.exe" = D:\Program Files 2\iTunes\iTunes.exe:*:Disabled:iTunes -- (Apple Computer, Inc.)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- File not found
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"F:\Program Files\BitTorrent\bittorrent.exe" = F:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"G:\Program Files\BitTorrent\bittorrent.exe" = G:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus -- (Vuze Inc.)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent -- (McAfee, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0E4BC542-9CFD-4E97-B586-9F1E5516E7B9}" = Microsoft IntelliPoint 6.1
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3
"{1C220811-048F-4D60-B42E-B86027C57372}" = LightScribe 1.4.119.1
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 12
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B0F52AC-EF5C-4831-B221-06C782E41280}" = Quicken 2008
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{41369F9D-FF51-464F-9FFB-33198BA24CC9}" = USB Modem Driver
"{446DBFFA-4088-48E3-8932-74316BA4CAE4}" = iTunes
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 5.0
"{62880A3B-2F9C-4C58-8FFA-1DA280262B5E}" = BlackBerry Device Software Updater
"{67E4EE98-59F4-4210-89A6-A20AF5BEC689}" = Microsoft Streets and Trips 2005
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver
"{747D1B34-A1FC-4EF3-A6AE-E86F39CEFDE5}" = Roxio Easy Media Creator 7 Basic DVD Edition
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{7EC9E7A1-A576-43C8-9CBB-31BD5625EBCA}" = LiveUpdate
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82DFB852-9594-4668-9C66-28BB6E94BCB2}" = HP Photo and Imaging 1.0 - PSC 2000 Series
"{8867CEBD-E6C0-4C7A-83B3-9E45669A1033}" = Nero 7 Essentials
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{94F6AE6D-3339-4FC9-9BD2-C6B82D975DBF}" = HTC Sync
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A96172-A963-4A37-9FFB-DA6805BB915A}" = VeohTV BETA
"{9BFFB382-0B2C-11D6-AB3E-000102B0F79A}" = Readiris 7.5
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A90DCEC1-22DE-11D4-B8A9-0050DAB648C6}" = AvantGo Client
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.0
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B28759B8-5FC6-4F56-9C6C-6EDAD36455A9}" = Roxio Media Manager
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C73A3AB4-99A4-45E5-B77F-09A3065E0D6A}" = Microsoft IntelliType Pro 6.1
"{CE5E3F15-320A-4865-97D3-F07227C5BB2F}" = BlackBerry Desktop Software 4.5
"{DA80700F-068D-11DF-9686-005056806466}" = Google Earth Plug-in
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{ED93995E-8BF2-480F-8EA4-7D29E29A7052}" = HP Photo and Imaging 1.0 - PSC 2000 Series Drivers
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FC053571-8507-44E4-8B6D-AACEAB8CA57C}" = Sansa Media Converter
"{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}" = palmOne
"3DGroove" = 3D Groove Playback Engine
"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"7-Zip" = 7-Zip 4.47 beta
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"BlackBerry_{CE5E3F15-320A-4865-97D3-F07227C5BB2F}" = BlackBerry Desktop Software 4.5
"CCleaner" = CCleaner
"Core FTP LE 2.0" = Core FTP LE 2.0
"DataVault" = Ascendo DataVault 4.4.5
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"HijackThis" = HijackThis 2.0.2
"hp psc 2200 series_Driver" = hp psc 2200 series
"ImgBurn" = ImgBurn (Remove Only)
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{41369F9D-FF51-464F-9FFB-33198BA24CC9}" = USB Modem Driver
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"InstallShield_{97A96172-A963-4A37-9FFB-DA6805BB915A}" = VeohTV BETA
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.2)" = Mozilla Firefox (3.6.2)
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NVIDIA Drivers" = NVIDIA Drivers
"Pocket Quicken 2.5 for Palm OS" = Pocket Quicken 2.5 for Palm OS
"PSC 2000 Series" = HP Photo and Imaging 1.0 - PSC 2000 Series
"SereneScene Marine Aquarium 2" = SereneScene Marine Aquarium 2
"SpywareBlaster_is1" = SpywareBlaster 4.2
"Test My Hardware_is1" = Test My Hardware 3.0
"UnityWebPlayer" = Unity Web Player
"VLC media player" = VLC media player 1.0.5
"Vuze" = Vuze
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/26/2010 7:15:25 AM | Computer Name = AMD | Source = Google Update | ID = 20
Description =

Error - 3/26/2010 8:15:25 AM | Computer Name = AMD | Source = Google Update | ID = 20
Description =

Error - 3/26/2010 9:15:25 AM | Computer Name = AMD | Source = Google Update | ID = 20
Description =

Error - 3/26/2010 10:15:25 AM | Computer Name = AMD | Source = Google Update | ID = 20
Description =

Error - 3/26/2010 11:15:25 AM | Computer Name = AMD | Source = Google Update | ID = 20
Description =

Error - 3/26/2010 12:15:25 PM | Computer Name = AMD | Source = Google Update | ID = 20
Description =

Error - 3/26/2010 1:15:25 PM | Computer Name = AMD | Source = Google Update | ID = 20
Description =

Error - 3/26/2010 2:15:25 PM | Computer Name = AMD | Source = Google Update | ID = 20
Description =

Error - 3/26/2010 3:15:25 PM | Computer Name = AMD | Source = Google Update | ID = 20
Description =

Error - 3/26/2010 4:15:25 PM | Computer Name = AMD | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 3/25/2010 11:19:33 PM | Computer Name = AMD | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
9 service to connect.

Error - 3/25/2010 11:23:59 PM | Computer Name = AMD | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460

Error - 3/26/2010 1:52:45 AM | Computer Name = AMD | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 3/26/2010 1:52:45 AM | Computer Name = AMD | Source = Service Control Manager | ID = 7034
Description = The Pml Driver HPZ12 service terminated unexpectedly. It has done
this 1 time(s).

Error - 3/26/2010 2:06:06 AM | Computer Name = AMD | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 3/26/2010 2:06:06 AM | Computer Name = AMD | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 3/26/2010 2:07:35 AM | Computer Name = AMD | Source = Service Control Manager | ID = 7024
Description = The Forceware Web Interface service terminated with service-specific
error 1 (0x1).

Error - 3/26/2010 2:07:35 AM | Computer Name = AMD | Source = Service Control Manager | ID = 7000
Description = The Java Quick Starter service failed to start due to the following
error: %%3

Error - 3/26/2010 2:07:35 AM | Computer Name = AMD | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
9 service to connect.

Error - 3/26/2010 2:12:38 AM | Computer Name = AMD | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.


< End of report >
 
Hello soar3,

P2P Software

IMPORTANT: I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

BitTorrent
DNA
Vuze


I'd like you to read "File Sharing, otherwise known as Peer To Peer (P2P)", where this forum's policy is explained.

P2P is the main source of malware. If you continue to use P2P, your computer will be infected again.

If you would like to continue, you must go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).
Warning: Any existing remnants of the program may be removed during cleaning.


Scan with GMER

Download GMER Rootkit Scanner and save it to your desktop.

  • Disconnect your computer from the internet and disable all security software before starting the scan.

    NOTE: To disable McAfee SecurityCenter
    • Locate the McAfee icon in the system tray and double-click it to open McAfee SecurityCenter
    • Click Advanced Menu or Basic Menu in the lower left of the window.
    • Click Computer & Files, then click the arrow button in the right pane.
    • Under Virus Protection is enabled, select (tick) Off
    • In the popup window, select Never in the drop-down menu, then click OK
    • Select (tick) Off for all other modules installed (Spyware, SystemGuard, etc.)
    • Click Advanced Menu or Basic Menu in the lower left of the window.
    • Click Internet & Network, then click the arrow button in the right pane.
    • Under Firewall Protection is enabled, select (tick) Off
    • In the popup window, select Never in the drop-down menu, then click OK
    • Close McAfee SecurityCenter
  • Double click the randomly named GMER file. If asked to allow gmer to run, please allow it.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO


  • In the right panel, you will see several boxes that have been checked. Uncheck the following boxes:
    • Sections
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All
  • Then click the Scan button and wait for it to finish
  • Once done click on the Save.. button at lower right, and in the File name area, type in "ark.txt" (include the quotes or it will save as a .log file)
  • Save it where you can easily find it, such as your desktop, and post it in reply
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries

Note: Do not run any programs while Gmer is running.

IMPORTANT: After tools have run and any necessary reboots have occurred, open McAfee SecurityCenter and click the Fix button in the upper right of the window to enable protection.

Please reply with the GMER log (ark.txt).
 
Here is the result of the GMER scan (ark.txt):

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-03-27 08:02:41
Windows 5.1.2600 Service Pack 2
Running: xoswrl09.exe; Driver: C:\DOCUME~1\EMMETT~1\LOCALS~1\Temp\pxtdrpow.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateFile [0xAC76578A]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateProcess [0xAC765738]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateProcessEx [0xAC76574C]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwMapViewOfSection [0xAC7657CA]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenProcess [0xAC765710]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenThread [0xAC765724]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwProtectVirtualMemory [0xAC76579E]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetContextThread [0xAC765776]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetInformationProcess [0xAC765762]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwTerminateProcess [0xAC7657F9]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0xAC7657E0]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwYieldExecution [0xAC7657B4]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtCreateFile
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtMapViewOfSection
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenProcess
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenThread
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtSetInformationProcess

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip NVTcp.sys (NVIDIA Networking Protocol Driver./NVIDIA Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp NVTcp.sys (NVIDIA Networking Protocol Driver./NVIDIA Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp NVTcp.sys (NVIDIA Networking Protocol Driver./NVIDIA Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp NVTcp.sys (NVIDIA Networking Protocol Driver./NVIDIA Corporation)
AttachedDevice \FileSystem\Fastfat \Fat mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)

Device -> \Driver\nvata \Device\Harddisk0\DR0 8A601CA1

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\system32\drivers\nvata.sys suspicious modification

---- EOF - GMER 1.0.15 ----
 
You have an infection in nvata.sys. OTL says you do not have a replacement on-board. The best thing to do is reinstall chipset drivers which can be acquired from the manufacturer of the computer (or motherboard if you built the computer yourself). What is the make and model of your computer (or motherboard)?
 
Yes, I built my computer myself and I have a Foxconn CS1xEM2AA motherboard powered by Nvidia and do have all of the drivers. Should I just simply reload the one driver in question?
 
You should have a CD with drivers for your motherboard. Load it up and reinstall the chipset drivers. Then scan with OTL.


Scan with OTL

Download OTL by OldTimer and save it to your Desktop
  • Close all other open windows, then double-click the OTL icon to start the tool.
  • Under Output, ensure that Minimal Output is selected
  • Copy the text in the code box below and paste it into the Custom Scans/Fixes box (under the cyan line at the bottom of the window)
    Code:
    /md5start
    nvata.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT
  • Click Run Scan in upper left of window.
  • When the scan is finished, one log will open
  • Please post the contents of the OTL.txt in your next reply.
 
OTL logfile created on: 3/27/2010 4:05:12 PM - Run 3
OTL by OldTimer - Version 3.1.37.3 Folder = D:\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 71.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 75.00 Gb Total Space | 61.98 Gb Free Space | 82.63% Space Free | Partition Type: NTFS
Drive D: | 100.00 Gb Total Space | 84.79 Gb Free Space | 84.79% Space Free | Partition Type: NTFS
Drive E: | 123.09 Gb Total Space | 80.87 Gb Free Space | 65.70% Space Free | Partition Type: NTFS
Drive F: | 5.58 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 698.64 Gb Total Space | 425.03 Gb Free Space | 60.84% Space Free | Partition Type: NTFS
Drive H: | 3.81 Gb Total Space | 0.13 Gb Free Space | 3.28% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded
Drive Y: | 468.94 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: AMD
Current User Name: Emmett & Roz
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - D:\Downloads\OTL(2).exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\MPF\MpfSrv.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
PRC - c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
PRC - C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe (Teleca)
PRC - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\dbgout.exe (Teleca Sweden AB)
PRC - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe (Teleca Sweden AB)
PRC - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe (TODO: <Company name>)
PRC - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe (Teleca AB)
PRC - C:\Program Files\Common Files\Teleca Shared\logger.exe (Popwire AB)
PRC - C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe (Teleca Sweden AB)
PRC - C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe (Teleca Sweden AB)
PRC - C:\Program Files\Common Files\Teleca Shared\Generic.exe (Teleca AB)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\snmp.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe ()
PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
PRC - C:\WINDOWS\system32\tcpsvcs.exe (Microsoft Corporation)
PRC - C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe (Roxio)
PRC - D:\Program Files 2\palmOne\Hotsync.exe (PalmSource, Inc)
PRC - D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hposts08.exe (Hewlett-Packard Co.)
PRC - D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe (Hewlett-Packard Co.)
PRC - D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hposol08.exe (Hewlett-Packard Co.)
PRC - D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe (Hewlett-Packard Co.)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)


========== Modules (SafeList) ==========

MOD - D:\Downloads\OTL(2).exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (JavaQuickStarterService) -- File not found
SRV - (MpfService) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (McSysmon) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (McProxy) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (McNASvc) -- c:\program files\common files\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
SRV - (SNMP) -- C:\WINDOWS\system32\snmp.exe (Microsoft Corporation)
SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe (NVIDIA Corporation)
SRV - (nSvcLog) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe (NVIDIA Corporation)
SRV - (nTuneService) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (p2pgasvc) -- C:\WINDOWS\system32\p2pgasvc.dll (Microsoft Corporation)
SRV - (Iprip) -- C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)
SRV - (SimpTcp) -- C:\WINDOWS\system32\tcpsvcs.exe (Microsoft Corporation)
SRV - (ForcewareWebInterface) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe (Apache Software Foundation)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)


========== Driver Services (SafeList) ==========

DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfesmfk) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (PalmUSBD) -- C:\WINDOWS\system32\drivers\PalmUSBD.sys (PalmSource, Inc.)
DRV - (MPFP) -- C:\WINDOWS\system32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (HTCAND32) -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys (HTC1124 Inc)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (CO_Mon) -- C:\WINDOWS\system32\drivers\CO_Mon.sys ()
DRV - (FXDrv32) -- D:\Program Files 2\Fox LiveUpdate\FXDrv32.sys (Your Corporation)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (NVTCP) -- C:\WINDOWS\system32\drivers\nvtcp.sys (NVIDIA Corporation)
DRV - (nvata) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (AFS2K) -- C:\WINDOWS\system32\drivers\AFS2K.SYS (Oak Technology Inc.)
DRV - (cdudf_xp) -- C:\WINDOWS\system32\drivers\Cdudf_xp.sys (Roxio)
DRV - (dvd_2K) -- C:\WINDOWS\system32\drivers\dvd_2k.sys (Roxio)
DRV - (DVDVRRdr_xp) -- C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys (Windows (R) 2000 DDK provider)
DRV - (UDFReadr) -- C:\WINDOWS\system32\drivers\Udfreadr.sys (Roxio)
DRV - (mmc_2K) -- C:\WINDOWS\system32\drivers\mmc_2k.sys (Roxio)
DRV - (pwd_2k) -- C:\WINDOWS\system32\drivers\Pwd_2k.sys (Roxio)
DRV - (FXDRV) -- Y:\Fxdrv.sys (Foxconn)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:4.0.0
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.7


FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: F:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF - HKLM\software\mozilla\Firefox\extensions\\datavault@ascendo.inc: D:\Program Files 2\DataVault\firefox [2009/07/26 20:29:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/23 16:13:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/27 00:32:34 | 000,000,000 | ---D | M]

[2008/08/26 23:09:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Emmett & Roz\Application Data\Mozilla\Extensions
[2010/03/27 13:31:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Emmett & Roz\Application Data\Mozilla\Firefox\Profiles\hlyrl83w.default\extensions
[2010/03/25 21:34:30 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Emmett & Roz\Application Data\Mozilla\Firefox\Profiles\hlyrl83w.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/03/21 20:17:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Emmett & Roz\Application Data\Mozilla\Firefox\Profiles\hlyrl83w.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2009/10/04 05:38:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Emmett & Roz\Application Data\Mozilla\Firefox\Profiles\hlyrl83w.default\extensions\en-US@dictionaries.addons.mozilla.org
[2010/03/27 08:17:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2006/02/28 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre6\bin\ssv.dll File not found
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File not found
O3 - HKLM\..\Toolbar: (DataVault Bar) - {0D792CB2-2654-4E99-A597-7FC317F04D61} - D:\Program Files 2\DataVault\ie.dll (Ascendo Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Mobile Connectivity Suite] C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe (Teleca Sweden AB)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe (Roxio)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HOTSYNCSHORTCUTNAME.lnk = D:\Program Files 2\palmOne\Hotsync.exe (PalmSource, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp psc 2000 Series.lnk = D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\officejet 6100.lnk = D:\Program Files 2\Hewlett-Packard\Digital Imaging\bin\hposol08.exe (Hewlett-Packard Co.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files 2\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8 - Extra context menu item: Save to DataVault - D:\Program Files 2\DataVault\iemenuext.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com.../en/x86/MuCatalogWebControl.cab?1269584490093 (MUCatalogWebControl Class)
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} http://www.shockwave.com/content/dinerdash2/sis/DinerDash2.1.0.0.67.cab (CPlayFirstDinerDash2Control Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1269583947859 (MUWebControl Class)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/common/groove/gx/GrooveAX27.cab (Groove Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe (Virtools WebPlayer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.77.134 68.87.72.134
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/01/01 20:46:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/10/04 17:02:54 | 000,000,279 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2003/07/31 02:55:00 | 000,000,043 | R--- | M] () - Y:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{04aa6c64-5b9a-11de-ab9f-001558454c84}\Shell\AutoRun\command - "" = slacker.synclauncher.exe
O33 - MountPoints2\{04aa6c64-5b9a-11de-ab9f-001558454c84}\Shell\slacker\command - "" = slacker.synclauncher.exe
O33 - MountPoints2\{05767302-3157-11df-abe4-001558454c84}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
O33 - MountPoints2\{18d78fee-a334-11db-82b0-001558454c84}\Shell - "" = AutoRun
O33 - MountPoints2\{18d78fee-a334-11db-82b0-001558454c84}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{18d78fee-a334-11db-82b0-001558454c84}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O33 - MountPoints2\{2d4f18c2-99cf-11db-826a-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{2d4f18c2-99cf-11db-826a-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2d4f18c2-99cf-11db-826a-806d6172696f}\Shell\AutoRun\command - "" = Y:\setup.exe -- [2006/04/18 05:02:10 | 000,229,376 | R--- | M] ()
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- [2006/09/19 21:00:25 | 001,114,112 | R--- | M] ()
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16610416650092544)

========== Files/Folders - Created Within 30 Days ==========

[2010/03/27 16:01:44 | 000,000,000 | ---D | C] -- C:\NV24963488.TMP
[2010/03/27 16:01:44 | 000,000,000 | ---D | C] -- C:\NV17522816.TMP
[2010/03/27 16:01:19 | 000,208,384 | R--- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\fdco1ins.dll
[2010/03/27 16:01:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\NV36443720.TMP
[2010/03/27 16:01:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/03/27 15:35:52 | 000,442,368 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\CapabilityTable.exe
[2010/03/27 15:35:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\NV4706445548.TMP
[2010/03/27 09:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Emmett & Roz\Application Data\InstallShield
[2010/03/21 21:20:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Emmett & Roz\Recent
[2010/03/21 20:17:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Emmett & Roz\Application Data\QuickScan
[2010/03/21 09:55:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Emmett & Roz\My Documents\Downloads
[2010/03/20 18:21:14 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/03/18 23:39:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/03/18 23:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/03/16 20:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/03/16 20:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/03/16 20:23:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/03/16 20:19:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Emmett & Roz\Application Data\vlc
[2010/03/16 19:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/03/16 17:51:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/03/03 17:21:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/07/26 19:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/07/26 11:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/06/18 21:08:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Roxio
[2009/02/19 20:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2008/09/24 19:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2007/01/01 20:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2007/01/01 20:46:05 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[23 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/27 16:01:43 | 000,040,233 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2010/03/27 15:58:32 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/27 15:58:00 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/27 15:57:34 | 000,050,257 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/03/27 15:57:28 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cac6ee7160a75a.job
[2010/03/27 15:57:28 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/27 15:57:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/27 15:57:23 | 2147,012,608 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/27 15:54:25 | 006,291,456 | ---- | M] () -- C:\Documents and Settings\Emmett & Roz\ntuser.dat
[2010/03/27 15:54:17 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\ntuser.ini
[2010/03/27 15:41:47 | 000,356,120 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/27 15:41:47 | 000,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/27 15:41:47 | 000,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/27 00:36:06 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Emmett & Roz\Desktop\xoswrl09.exe
[2010/03/26 01:51:37 | 000,012,952 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\3060145843
[2010/03/26 01:51:36 | 000,012,952 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\3121143946
[2010/03/26 01:51:25 | 000,012,940 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\3121143946
[2010/03/26 01:51:25 | 000,012,940 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\2Q757bFxJ7S
[2010/03/26 01:42:03 | 000,012,940 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\2Q757bFxJ7S
[2010/03/25 23:40:58 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/24 19:44:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/03/23 16:13:16 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/03/23 05:51:01 | 000,014,514 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\1365645513
[2010/03/23 05:51:01 | 000,014,514 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\1365645513
[2010/03/23 05:48:07 | 000,002,855 | ---- | M] () -- C:\Documents and Settings\Emmett & Roz\Desktop\Shortcut to rkill(2).com.pif
[2010/03/23 05:47:24 | 000,014,522 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\1489984059
[2010/03/23 05:47:24 | 000,014,522 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\1489984059
[2010/03/23 05:47:13 | 000,014,522 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\Mh3jm32txN
[2010/03/23 05:47:12 | 000,014,518 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\Mh3jm32txN
[2010/03/23 05:46:14 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/03/22 21:43:20 | 000,200,704 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\128822158.dll
[2010/03/21 11:02:32 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/03/21 10:39:44 | 022,061,994 | ---- | M] () -- C:\Documents and Settings\Emmett & Roz\Desktop\YouTube- Michael Jackson - Bad.mp4
[2010/03/20 18:21:13 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/03/16 20:19:26 | 000,000,633 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/03/16 20:08:16 | 018,499,623 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\vlc-1.0.5-win32.exe
[2010/03/16 16:51:09 | 000,010,500 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\p4RkMAQM
[2010/03/16 16:51:09 | 000,010,500 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\p4RkMAQM
[2010/03/15 01:00:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2010/03/13 18:16:06 | 000,002,325 | ---- | M] () -- C:\Documents and Settings\Emmett & Roz\Desktop\Microsoft Streets & Trips.lnk
[2010/03/13 17:36:55 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/13 06:38:08 | 000,013,250 | -HS- | M] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\Ofp41Kak
[2010/03/07 07:18:26 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\Emmett & Roz\Desktop\CCleaner.lnk
[2010/03/01 02:00:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[23 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/27 00:38:16 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Emmett & Roz\Desktop\xoswrl09.exe
[2010/03/26 01:51:33 | 000,012,952 | -HS- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\3121143946
[2010/03/26 01:51:33 | 000,012,952 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\3060145843
[2010/03/26 01:50:14 | 000,012,940 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\3121143946
[2010/03/26 01:50:14 | 000,012,940 | -HS- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\2Q757bFxJ7S
[2010/03/25 23:40:38 | 000,012,940 | -HS- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\2Q757bFxJ7S
[2010/03/25 23:40:38 | 000,012,940 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2Q757bFxJ7S
[2010/03/23 05:49:08 | 000,014,514 | -HS- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\1365645513
[2010/03/23 05:49:08 | 000,014,514 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\1365645513
[2010/03/23 05:48:23 | 000,002,855 | ---- | C] () -- C:\Documents and Settings\Emmett & Roz\Desktop\Shortcut to rkill(2).com.pif
[2010/03/23 05:47:23 | 000,014,522 | -HS- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\1489984059
[2010/03/23 05:47:23 | 000,014,522 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\1489984059
[2010/03/23 05:46:14 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/23 05:46:14 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/03/23 05:46:10 | 000,014,518 | -HS- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Mh3jm32txN
[2010/03/22 21:53:30 | 2147,012,608 | -HS- | C] () -- C:\hiberfil.sys
[2010/03/22 21:37:20 | 000,200,704 | -HS- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\128822158.dll
[2010/03/22 21:36:59 | 000,014,522 | -HS- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\Mh3jm32txN
[2010/03/22 21:36:59 | 000,014,518 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\Mh3jm32txN
[2010/03/21 10:39:43 | 022,061,994 | ---- | C] () -- C:\Documents and Settings\Emmett & Roz\Desktop\YouTube- Michael Jackson - Bad.mp4
[2010/03/18 18:57:54 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cac6ee7160a75a.job
[2010/03/16 20:19:26 | 000,000,633 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/03/16 19:56:37 | 018,499,623 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\vlc-1.0.5-win32.exe
[2010/03/16 16:46:39 | 000,010,500 | -HS- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\p4RkMAQM
[2010/03/16 16:46:39 | 000,010,500 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\p4RkMAQM
[2010/03/13 00:55:25 | 000,013,250 | -HS- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\Ofp41Kak
[2010/01/02 20:55:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DbgOut.INI
[2009/11/17 20:36:46 | 001,408,800 | ---- | C] () -- C:\Program Files\MoveMediaPlayerWin_071505000011.exe
[2009/09/06 09:44:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2009/05/16 19:22:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2008/09/19 17:57:34 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/09/19 17:55:10 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/09/19 17:55:10 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/09/19 17:54:18 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/09/13 19:30:19 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameZ.txt
[2007/07/02 20:21:36 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2007/07/02 20:21:33 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
[2007/06/26 22:03:43 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Emmett & Roz\Application Data\usb.dat.bin
[2007/04/08 16:14:12 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/03/26 22:32:31 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\CO_Mon.sys
[2007/03/18 16:31:25 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/02/02 19:53:01 | 000,111,376 | ---- | C] () -- C:\WINDOWS\System32\expat.dll
[2007/02/02 19:53:01 | 000,040,752 | ---- | C] () -- C:\WINDOWS\System32\agcrypto.dll
[2007/01/28 22:21:31 | 000,000,158 | ---- | C] () -- C:\WINDOWS\pagesuit.ini
[2007/01/28 22:21:30 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
[2007/01/25 21:11:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/01/25 05:59:51 | 000,000,167 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2007/01/06 19:15:36 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/03 22:11:36 | 000,000,114 | ---- | C] () -- C:\WINDOWS\NVProfileManager.INI
[2007/01/03 22:11:19 | 000,000,108 | ---- | C] () -- C:\WINDOWS\NVMonitor.INI
[2007/01/02 00:32:42 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/01/01 22:36:40 | 000,000,080 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2007/01/01 22:35:56 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/03/13 01:48:18 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2006/03/09 03:29:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/03/09 03:29:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/03/09 03:29:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/03/09 03:29:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/03/09 03:29:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/03/09 03:29:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/03/09 03:29:00 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/02/28 08:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2005/08/31 12:43:32 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
[2002/05/29 09:50:02 | 000,552,960 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll

========== Custom Scans ==========



< MD5 for: NVATA.SYS >
[2006/03/16 06:51:32 | 000,099,840 | R--- | M] (NVIDIA Corporation) MD5=B7FB72492B753930EC70A0F49D04F12F -- C:\WINDOWS\LastGood\system32\DRIVERS\nvata.sys
[2006/03/16 06:51:32 | 000,099,840 | R--- | M] (NVIDIA Corporation) MD5=B7FB72492B753930EC70A0F49D04F12F -- C:\WINDOWS\system32\drivers\nvata.sys
[2006/03/16 06:51:32 | 000,099,840 | R--- | M] (NVIDIA Corporation) MD5=B7FB72492B753930EC70A0F49D04F12F -- C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\nvata.sys
[2010/03/25 08:48:23 | 000,105,344 | ---- | M] (NVIDIA Corporation) MD5=DC1F9954B5EDDD147AF7E5C420BE7B93 -- C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\nvata.sys

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[23 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2007/01/11 14:47:42 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007/01/11 19:12:16 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2007/01/11 14:47:42 | 018,612,224 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007/01/11 14:47:42 | 007,077,888 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

========== Alternate Data Streams ==========

@Alternate Data Stream - 226 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D2A5A561
@Alternate Data Stream - 211 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:80B291A7
@Alternate Data Stream - 199 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7BA6D322
@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BDBBA690
@Alternate Data Stream - 160 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0E799D7F
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:73828A71
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CDCEE6BF
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:22741C1F
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3A6BC948
< End of report >
 
Hi soar3,

OTL

  • Close all other open windows, then double-click OTL.exe to start OTL
  • Copy all of the text in the code box below and paste it in the white area under Custom Scans/Fixes (under the cyan line at the bottom of the window)
    Code:
    :otl
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    [23 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [2 C:\*.tmp files -> C:\*.tmp -> ]
    [12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    @Alternate Data Stream - 226 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D2A5A561
    @Alternate Data Stream - 211 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:80B291A7
    @Alternate Data Stream - 199 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7BA6D322
    @Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BDBBA690
    @Alternate Data Stream - 160 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0E799D7F
    @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
    @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:73828A71
    @Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CDCEE6BF
    @Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:22741C1F
    @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3A6BC948
    
    :files
    C:\Documents and Settings\All Users\Application Data\3060145843
    C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\3121143946
    C:\Documents and Settings\All Users\Application Data\3121143946
    C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\2Q757bFxJ7S
    C:\Documents and Settings\All Users\Application Data\2Q757bFxJ7S
    C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\1365645513
    C:\Documents and Settings\All Users\Application Data\1365645513
    C:\Documents and Settings\Emmett & Roz\Desktop\Shortcut to rkill(2).com.pif
    C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\1489984059
    C:\Documents and Settings\All Users\Application Data\1489984059
    C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\Mh3jm32txN
    C:\Documents and Settings\All Users\Application Data\Mh3jm32txN
    C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\128822158.dll
    C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\p4RkMAQM
    C:\Documents and Settings\All Users\Application Data\p4RkMAQM
    C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\Ofp41Kak
    
    :commands
    [emptytemp]
  • Close all running programs except for OTL, including all browser windows.
  • Then click Run Fix at the top of the window.
  • Once done, OTL will require a reboot. Please allow it.
  • After reboot, the log should open. Please save the log and post it in your next reply.


ESET Online Scan

Before you begin:
  • Please use Internet Explorer for this scan.
  • Disable your anti-virus to avoid conflicts. Click here for instructions.
  • The scan will take quite some time. I suggest you run it when you do not need the computer for a while.
Click here to visit ESET Online Scanner then click [image: esetos.png]

  • In the new tab/window that opens, check YES, I accept the Terms of Use then click the green Start button
  • When prompted, allow the Add-On/Active X to install.
  • Under Computer Scan Settings do the following:
    • Ensure that Remove found threats is NOT checked
    • Ensure that Scan archives is checked.
  • Then click Advanced settings and ensure the following are checked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Start button.
  • The signature database will then be downloaded and the scan will start.
    NOTE: The scan will take quite some time; the more data to be scanned, the longer it will take. Please be patient.
  • When it is finished, ensure the Uninstall application on close box is NOT checked and click Finish button.
    If you wish, you may uninstall the scanner through Add/Remove Programs after we are finished.
  • Copy the whole line in the code box below.
    Code:
    "%PROGRAMFILES%\ESET\ESET Online Scanner\log.txt"
  • Click Start, click Run... and paste the above line in the Open: field, then click OK
  • The log should open; if not, navigate to C:\Program Files\ESET\ESET Online Scanner\ and open the text file named log.
  • Copy and paste the log in your next reply.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


Still getting redirects?
Please reply with OTL log and ESET log.
 
I'm replying to you by way of cell phone now because, since I did the last OTL fix, my computer is stuck in a continuous loop of blue screens of death. I cannot even boot into safe mode because when that screen comes up, I can't even select safe mode cuz my keyboard won't work for some reason. Sometimes the computer will try to boot to the desktop, but there is an OTL security prompt that comes up asking to either run or cancel. I have tried to check both and it would show me an OTL log for a second and then go to a memory dump BSOD. I tried to boot off of the XP disk too, but that is unsuccessful since my keyboard is being rendered useless. Please HELP!!!
 
I need to know if the computer was rebooted at any time after installing the chipset drivers but before OTL fix. I suspect the OTL fix is not responsible and the chipset driver might be. I'll come up with a plan after I get an answer from you. Also, does safe mode work or safe mode with command prompt work?
 
Well, I made it back!! :) I don't really know what is going on, but I do believe that you are right in saying that it may be something wrong with the chipset drivers. The way that I was able to get the computer to finally boot into Windows was to unplug my keyboard (which I told you was not responding) and also disconnect my modem from my computer. I then proceeded to plug both devices back in and see what happened. The computer ran for about 10 minutes and I was able to surf the internet and everything until I got another memory dump screen and BSOD. During the reboot I unplugged both devices until Windows came back up and this time only replugged in my keyboard. I haven't received any BSOD so something might be wrong with the chipset drivers for my network adapters. Does this make sense? What should I do since I never finished the OTL procedure? However, when I was on the internet for the short period that I was allowed, I seem to no longer be getting the redirections.
 
This was the last OTL file that was posted after my reboot and when the problems started happening, also.


All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\REN12BD.tmp deleted successfully.
C:\WINDOWS\System32\REN12BE.tmp deleted successfully.
C:\WINDOWS\System32\REN12BF.tmp deleted successfully.
C:\WINDOWS\System32\REN12C7.tmp deleted successfully.
C:\WINDOWS\System32\REN12C8.tmp deleted successfully.
C:\WINDOWS\System32\REN12C9.tmp deleted successfully.
C:\WINDOWS\System32\REN12EA.tmp deleted successfully.
C:\WINDOWS\System32\REN12EB.tmp deleted successfully.
C:\WINDOWS\System32\REN12EC.tmp deleted successfully.
C:\WINDOWS\System32\REN12F8.tmp deleted successfully.
C:\WINDOWS\System32\REN12F9.tmp deleted successfully.
C:\WINDOWS\System32\REN12FA.tmp deleted successfully.
C:\WINDOWS\System32\REN131C.tmp deleted successfully.
C:\WINDOWS\System32\REN131D.tmp deleted successfully.
C:\WINDOWS\System32\REN131E.tmp deleted successfully.
C:\WINDOWS\System32\SET1F.tmp deleted successfully.
C:\WINDOWS\System32\SET20B.tmp deleted successfully.
C:\WINDOWS\System32\SET20F.tmp deleted successfully.
C:\WINDOWS\System32\SET21B.tmp deleted successfully.
C:\WINDOWS\System32\SET21F.tmp deleted successfully.
C:\WINDOWS\System32\SET223.tmp deleted successfully.
C:\WINDOWS\System32\SET227.tmp deleted successfully.
C:\NV17522816.TMP folder deleted successfully.
C:\NV24963488.TMP folder deleted successfully.
C:\WINDOWS\NV11401156.TMP\nvtcp.sys deleted successfully.
C:\WINDOWS\NV11401156.TMP folder deleted successfully.
C:\WINDOWS\NV17001652.TMP\nvtcp.sys deleted successfully.
C:\WINDOWS\NV17001652.TMP folder deleted successfully.
C:\WINDOWS\NV36443720.TMP\nvtcp.sys deleted successfully.
C:\WINDOWS\NV36443720.TMP folder deleted successfully.
C:\WINDOWS\NV4706445548.TMP\nvtcp.sys deleted successfully.
C:\WINDOWS\NV4706445548.TMP folder deleted successfully.
C:\WINDOWS\SET29.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET37.tmp deleted successfully.
C:\WINDOWS\SET3A.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET46.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\SET81.tmp deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:D2A5A561 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:80B291A7 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:7BA6D322 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:BDBBA690 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:0E799D7F deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:73828A71 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:CDCEE6BF deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:22741C1F deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:3A6BC948 deleted successfully.
========== FILES ==========
C:\Documents and Settings\All Users\Application Data\3060145843 moved successfully.
C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\3121143946 moved successfully.
C:\Documents and Settings\All Users\Application Data\3121143946 moved successfully.
C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\2Q757bFxJ7S moved successfully.
C:\Documents and Settings\All Users\Application Data\2Q757bFxJ7S moved successfully.
C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\1365645513 moved successfully.
C:\Documents and Settings\All Users\Application Data\1365645513 moved successfully.
C:\Documents and Settings\Emmett & Roz\Desktop\Shortcut to rkill(2).com.pif moved successfully.
C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\1489984059 moved successfully.
C:\Documents and Settings\All Users\Application Data\1489984059 moved successfully.
C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\Mh3jm32txN moved successfully.
C:\Documents and Settings\All Users\Application Data\Mh3jm32txN moved successfully.
C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\128822158.dll moved successfully.
C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\p4RkMAQM moved successfully.
C:\Documents and Settings\All Users\Application Data\p4RkMAQM moved successfully.
C:\Documents and Settings\Emmett & Roz\Local Settings\Application Data\Ofp41Kak moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 2512612 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Emmett & Roz
->Temp folder emptied: 211632588 bytes
->Temporary Internet Files folder emptied: 10212013 bytes
->Java cache emptied: 963 bytes
->FireFox cache emptied: 90972474 bytes
->Flash cache emptied: 29159 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 9947059 bytes
->Flash cache emptied: 1450 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 57481267 bytes
->Java cache emptied: 70 bytes
->Flash cache emptied: 36886 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 82117930 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 444.00 mb


OTL by OldTimer - Version 3.1.37.3 log created on 03272010_193248

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
 
Hi soar3,

Sorry for the strife. :sad:

Forget about the OTL fix for now. We'll get back to that after we get the computer stable.

The replaced drivers seem to be conflicting with drivers on the computer.
I recommend uninstalling drivers for all devices on the motherboard in Device Manager (click Start, click Run..., type devmgmt.msc and press Enter) and then reinstall them (drivers for all devices that are on that driver disc - chipset, network, sound, etc.) after getting latest drivers for your motherboard from here (if that is indeed your motherboard). If you have the option, install chipset first, then the others.

I suggest you back up important data before going any further, just in case.
 
How do I delete just the drivers for the motherboard? I've never done that and I don't want to delete something that I don't have to. In device manager, what am I looking for specifically?
 