used pc is being cyber abused

Hi musicalpulltoy,

AVG analyzer
I don't use that program so I'm not sure what to make of its findings.

no i dont use reg fixers,
:thumbup: Good, they don't really do a whole lot for you.



We'll remove OTM first then I'll give you a link to a tool you can use for temporary files.


Open OTM then click the Clean Up button. You may get prompted by your firewall that OTM wants to contact the internet - allow this. A cleanup.txt will be downloaded, a message dialog will ask you if you want to proceed with the cleanup process, click Yes. This will do some clean up tasks and delete some of the tools you have downloaded plus itself.


Here's a very good simple tool to use every now and then to clean out the temporary files. It's yours to keep and use; it does pretty much the same as OTM.

Download TFC to your desktop
  • Close any open windows.
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run,
  • Click the Start button to begin the process.
  • Allow TFC to run uninterrupted.
  • The program should not take long to finish its job
  • Once it's finished it should automatically reboot your machine,
  • if it doesn't, manually reboot to ensure a complete clean
 
um,
iexplorer running slow and causes slow switching from program to program.
heard about totally uninstalling then reinstall ie7 instead of ie8.
a popup "kargo_224272_pantene_IPHONEINDEX.m3u8" which is a m3u8 file from http://m.cdn.cloud.kargo.tv . recurring.
i had gotten this before we started removal but not during removal till now.
??
 
Hi musicalpulltoy,

Are you using an Iphone on this computer? m3u8 files can also be used by Itunes.

heard about totally uninstalling then reinstall ie7 instead of ie8.
There isn't any need to reinstall IE7. It will automatically roll back to IE7 when IE8 is uninstalled. However since you installed IE8 before you installed Service Pack3, Service Pack3 will need to be uninstalled first.
 
hi.
i use an iphone emulator with firefox to visit a chat site that only allows phones.
turned the java off and the popup stopped.
firefox is what i mainly use but sometimes only IE will work for a site and it lags whole pc.
other than that everything seems ok.
 
Hi musicalpulltoy,

Looks like that site might be for people to share small video clips. Does this happen all the time or only when you are using the emulator?
 
Hi

It would seem that something on the site you are using with the emulator is also connecting to the other site with the video clips. Do you go to m.cdn.cloud.kargo.tv or a similar site?

any chance this will work?
No. The info in that link is to prevent IE8 from being installed. You already have IE8 installed. As mentioned any version of IE that was installed prior to Service Pack3 being installed can not be uninstalled without Service Pack3 being uninstalled first.

You can uninstall Service Pack3 via add/remove programs then uninstall IE8. Once IE8 is uninstalled you can reinstall Service Pack3. You shouldn't have the same difficulties you had before as you have corrected the permissions issue you experienced earlier.

An easy way to prevent IE8 from installing is
  • set Automatic Updates to "download updates for me, but let me choose when to install them"
  • When you are notified that updates are ready to be installed
  • click the yellow update icon
  • click Custom install (advanced)
  • Click next
  • Uncheck IE8
  • If there are any other updates click install
  • otherwise click close
  • You will be presented with a warning box, "updates that aren't selected will not be installed", check the box beside "Don't notify me about these updates again"
  • click ok
IE8 should not be offered again.
 
happy fall.
well that's going to be a hassle.
time to make new back up and restore point?
yesterday incredimail decided to become default search engine.
i uninstalled it i thought yet remains are in "all users".
happened when i tried to access firefox "about config" to undo a fix for Script: chrome://browser/content/preferences/advanced.js:259 error opening options , advanced settings.
that i found at forum.worldstart.com "Help tab>about?" Right click on the entry I have highlighted and modify the setting to show 50.
it stopped the error but didn't seem to run right.

(hate computers)
 
Hi musicalpulltoy,

You should be able to change the default search engine back to google by typing about:config in the FireFox address field. Locate browser.search.defaultenginename, right click and click reset. Or right click and click modify and type Google in the box and click ok.
 
Hi musicalpulltoy,

Click your start button > Control panel > add/remove programs and uninstall incredimail if it's present.

Download OTL to your desktop
Double click on OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
  • Do Not copy the word CODE
  • please note the fix starts with the :
Code:
:services

:Files
c:\documents and settings\dad\local settings\application data\IM
c:\documents and settings\all users\application data\IncrediMail
c:\documents and settings\all users\application data\IM

:Commands
[createrestorepoint]

Then click the Run Fix button at the top
  • Let the program run unhindered
  • Reboot your computer

Next open FireFox. In the address bar type about:config hit enter. Click "I promise to be careful."

Scroll down to

browser.search.defaulturl right click and click reset

Do the same for each of these

browser.startup.homepage
keyword.URL


Next, in the Filter field just above the list type incredimail. Right click and click reset on any entries that are listed.

Open OTL check the box beside scan all users and click the Run scan button.

Please post back with both OTL logs, OTL.txt and Extra.txt

Is incredimail still there?
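
A read-only way to check the same Firefox preferences outside about:config, as an added example that is not part of the original thread: it parses the text of a profile's prefs.js (which stores only preferences changed from their defaults) and lists the search and homepage preferences named above plus anything mentioning IncrediMail. The sample prefs.js content, its URLs and the `extensions.incredimail.installed` name are constructed for illustration.

```python
import json
import re

# Preferences the thread asks to reset in about:config. prefs.js only
# records user-set values, so finding one here means it differs from
# the Firefox default and is worth a look.
WATCHED = (
    "browser.search.defaultenginename",
    "browser.search.defaulturl",
    "browser.startup.homepage",
    "keyword.URL",
)

# One prefs.js entry looks like: user_pref("name", value);
PREF_RE = re.compile(
    r'^\s*user_pref\(\s*"((?:[^"\\]|\\.)*)"\s*,\s*(.+?)\s*\)\s*;\s*$'
)

# Constructed sample input, not taken from the machine in the thread.
SAMPLE_PREFS_JS = """\
# Mozilla User Preferences
user_pref("browser.search.defaultenginename", "Example Search");
user_pref("browser.startup.homepage", "http://start.example.invalid/?src=incredimail");
user_pref("keyword.URL", "http://search.example.invalid/?q=");
user_pref("extensions.incredimail.installed", true);
user_pref("network.proxy.type", 0);
user_pref("browser.search.update", false);
"""


def parse_prefs(text):
    """Return {pref name: value} for every user_pref() line in text."""
    prefs = {}
    for line in text.splitlines():
        match = PREF_RE.match(line)
        if not match:
            continue  # header, comment or blank line
        name, raw = match.groups()
        try:
            # Strings, integers and true/false in prefs.js are valid JSON.
            value = json.loads(raw)
        except ValueError:
            value = raw  # keep anything unusual verbatim
        prefs[name] = value
    return prefs


def audit(prefs, keywords=("incredimail",)):
    """List (name, value, reasons) for prefs that deserve a manual review."""
    findings = []
    for name, value in sorted(prefs.items()):
        reasons = []
        if name in WATCHED:
            reasons.append("search/homepage pref changed from default")
        haystack = f"{name} {value}".lower()
        for keyword in keywords:
            if keyword.lower() in haystack:
                reasons.append(f"mentions {keyword}")
        if reasons:
            findings.append((name, value, reasons))
    return findings


if __name__ == "__main__":
    # To check a real profile, read its prefs.js into a string instead
    # of using the constructed sample.
    for name, value, reasons in audit(parse_prefs(SAMPLE_PREFS_JS)):
        print(f"{name} = {value!r}  ({'; '.join(reasons)})")
```

The script only reads; resetting is still done in about:config as described in the post, with Firefox open.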
 
hi *<];-)
i had uninstalled it.
this time it's all out of "all users" though

OTL logfile created on: 10/1/2011 3:02:53 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\DAD\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.24 Gb Total Physical Memory | 0.63 Gb Available Physical Memory | 51.14% Memory free
4.22 Gb Paging File | 3.77 Gb Available in Paging File | 89.34% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.21 Gb Total Space | 11.37 Gb Free Space | 33.24% Space Free | Partition Type: NTFS
Drive E: | 232.88 Gb Total Space | 159.77 Gb Free Space | 68.60% Space Free | Partition Type: NTFS

Computer Name: DJJXF091 | User Name: DAD | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/30 23:32:44 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAD\Desktop\OTL.exe
PRC - [2011/09/10 06:28:50 | 002,338,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/09/09 03:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/08/18 08:45:28 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2011/08/18 01:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/08/18 01:33:06 | 007,390,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/05/23 14:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2011/03/18 01:24:50 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2011/03/16 15:32:59 | 000,325,000 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2010/03/29 13:02:48 | 000,520,234 | ---- | M] () -- C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (RoxLiveShare9)
SRV - File not found [Disabled | Stopped] -- -- (nosGetPlusHelper) getPlus(R)
SRV - File not found [Disabled | Stopped] -- -- (DirMon2)
SRV - File not found [Auto | Stopped] -- -- (DCService.exe)
SRV - File not found [Disabled | Stopped] -- -- (AppMgmt)
SRV - [2011/08/18 08:45:28 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/08/18 01:33:06 | 007,390,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2011/02/10 15:29:24 | 000,150,528 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2008/08/26 15:58:12 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Disabled | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2007/06/25 08:47:12 | 001,552,680 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)


========== Driver Services (SafeList) ==========

DRV - [2011/05/27 19:05:44 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/05/13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010/05/10 11:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/11 05:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/03/25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009/03/25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009/03/25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009/03/25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009/03/25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009/03/25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009/03/25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008/04/14 00:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/14 00:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/14 00:15:34 | 000,011,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\scsiscan.sys -- (scsiscan)
DRV - [2008/03/11 15:58:56 | 000,059,776 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDUWWAN.sys -- (PTDUWWAN)
DRV - [2008/03/11 15:58:50 | 000,039,936 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDUVsp.sys -- (PTDUVsp)
DRV - [2008/03/11 15:58:48 | 000,041,344 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDUMdm.sys -- (PTDUMdm)
DRV - [2008/03/11 15:58:44 | 000,029,824 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDUBus.sys -- (PTDUBus)
DRV - [2007/06/25 08:47:12 | 000,038,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007/06/25 08:47:12 | 000,036,776 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007/06/25 08:47:02 | 000,119,080 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2007/04/23 14:11:54 | 000,224,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2006/02/23 14:58:25 | 000,167,808 | R--- | M] (Hauppauge Computer Works, Inc.) [23|25|26]xxx) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hcwPP2.sys -- (hcwPP2)
DRV - [2005/12/14 21:03:19 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/05/12 22:17:00 | 000,457,312 | R--- | M] (Atheros Communications, Inc. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\N3AB.sys -- (N3AB)
DRV - [2005/03/14 14:01:38 | 000,041,984 | ---- | M] (DeviceGuys, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2004/09/17 13:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/08/04 04:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 04:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2002/04/11 11:47:52 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfilter.sys -- (IPFilter)
DRV - [2001/08/17 13:57:46 | 000,065,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\s3legacy.sys -- (s3legacy)
DRV - [2001/08/17 13:50:20 | 000,114,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epstw2k.sys -- (epstw2k)
DRV - [2001/08/17 12:50:56 | 000,050,432 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SiSV.sys -- (SiSV)
DRV - [2001/08/17 12:50:34 | 000,166,720 | ---- | M] (S3 Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3m.sys -- (s3m)
DRV - [1999/05/28 14:53:30 | 000,150,872 | R--- | M] (Trident Microsystems Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\TridWnW.sys -- (TridWnW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway

IE - HKU\S-1-5-21-1668751319-4250827956-263943839-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1668751319-4250827956-263943839-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1668751319-4250827956-263943839-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm Security Customized Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.3
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1410
FF - prefs.js..extensions.enabledItems: {29c4afe1-db19-4298-8785-fcc94d1d6c1d}:0.6.2009110501
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}:7.0
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:5.4
FF - prefs.js..extensions.enabledItems: firefox@ghostery.com:2.6.0.1
FF - prefs.js..extensions.enabledItems: {f36c6cd1-da73-491d-b290-8fc9115bfa55}:2.2.0
FF - prefs.js..extensions.enabledItems: jsdeobfuscator@adblockplus.org:1.5.7
FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.10
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.7.3
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\DAD\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\DAD\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\DAD\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\DAD\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/09/17 16:44:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/18 08:27:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/08 20:38:57 | 000,000,000 | ---D | M]

[2009/11/23 22:10:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Extensions
[2011/09/27 02:18:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\fn2dlw99.default\extensions
[2010/11/07 10:53:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\fn2dlw99.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/14 16:22:47 | 000,000,000 | ---D | M] ("Split Browser") -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\fn2dlw99.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}
[2011/09/07 19:41:45 | 000,000,000 | ---D | M] (Tor-Proxy.NET Toolbar) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\fn2dlw99.default\extensions\{9815d32d-08c2-42ca-a8c6-43e501a4512f}
[2011/07/31 18:11:47 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\fn2dlw99.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/09/07 23:43:07 | 000,000,000 | ---D | M] (Easy YouTube Video Downloader) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\fn2dlw99.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2011/08/18 08:34:41 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\fn2dlw99.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2011/09/27 00:14:34 | 000,000,000 | ---D | M] (WorldIP) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\fn2dlw99.default\extensions\{f36c6cd1-da73-491d-b290-8fc9115bfa55}
[2011/07/13 05:36:08 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\fn2dlw99.default\extensions\anttoolbar@ant(2).com
[2011/09/27 02:18:16 | 000,000,000 | ---D | M] (Firebug) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\fn2dlw99.default\extensions\firebug@software.joehewitt.com
[2011/09/07 23:43:07 | 000,000,000 | ---D | M] (Ghostery) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\fn2dlw99.default\extensions\firefox@ghostery.com
[2011/07/13 05:36:10 | 000,000,000 | ---D | M] (FlashFirebug) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\fn2dlw99.default\extensions\flashfirebug@o-minds(2).com
[2011/09/27 02:14:47 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\fn2dlw99.default\extensions\inspector@mozilla.org
[2011/09/27 00:13:32 | 000,000,000 | ---D | M] (JavaScript Deobfuscator) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\fn2dlw99.default\extensions\jsdeobfuscator@adblockplus.org
[2011/03/23 20:42:20 | 000,000,939 | ---- | M] () -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\fn2dlw99.default\searchplugins\conduit.xml
[2011/08/26 23:22:11 | 000,002,207 | ---- | M] () -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\fn2dlw99.default\searchplugins\MyStart Search.xml
[2011/09/27 02:18:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/18 08:46:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
[2011/09/17 16:44:50 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011/08/18 08:45:29 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\DAD\Local Settings\Application Data\Google\Chrome\Application\13.0.782.215\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Documents and Settings\DAD\Local Settings\Application Data\Google\Chrome\Application\13.0.782.215\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\DAD\Local Settings\Application Data\Google\Chrome\Application\13.0.782.215\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\DAD\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1390_1\plugins/avgnpss.dll
CHR - plugin: getPlusPlus for Adobe 162102 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\DAD\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Safe Search = C:\Documents and Settings\DAD\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1390_0\

O1 HOSTS File: ([2011/09/07 17:56:45 | 000,436,608 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 15043 more lines...
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKU\S-1-5-21-1668751319-4250827956-263943839-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1668751319-4250827956-263943839-1006\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O3 - HKU\S-1-5-21-1668751319-4250827956-263943839-1006\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKU\S-1-5-21-1668751319-4250827956-263943839-1006\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Task Catcher] C:\Program Files\BillP Studios\Task Catcher\TaskTrap.exe (BillP Studios)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SystemExplorerDisabled [2011/09/01 03:51:19 | 000,000,000 | ---D | M]
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1668751319-4250827956-263943839-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1668751319-4250827956-263943839-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1668751319-4250827956-263943839-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1668751319-4250827956-263943839-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1668751319-4250827956-263943839-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1246219383859 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06BD7469-7F5C-4449-9B14-D38A61E9D028}: NameServer = 68.105.28.11,68.105.28.12,68.105.29.12
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/01 14:37:50 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/09/30 23:32:49 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\DAD\Desktop\OTL.exe
[2011/09/23 17:19:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Application Data\gtk-2.0
[2011/09/23 17:18:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\.thumbnails
[2011/09/23 17:14:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\.gimp-2.6
[2011/09/23 17:14:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\My Documents\gegl-0.0
[2011/09/23 16:38:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\GIMP
[2011/09/23 16:37:03 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2011/09/23 14:43:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\My Documents\My Drivers
[2011/09/23 14:43:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Local Settings\Application Data\Innovative Solutions
[2011/09/23 14:43:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2011/09/23 13:39:52 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\s3legacy.sys
[2011/09/23 13:39:52 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2011/09/23 13:39:20 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\s3legacy.dll
[2011/09/23 13:39:20 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2011/09/21 12:58:43 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\DAD\Desktop\TFC.exe
[2011/09/16 18:36:44 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2011/09/16 18:35:28 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2011/09/16 18:33:53 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2011/09/16 18:33:31 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011/09/16 18:33:26 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2011/09/16 18:20:23 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrobj.dll
[2011/09/16 18:20:23 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrrun.dll
[2011/09/16 18:20:23 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscript.exe
[2011/09/16 18:20:23 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshom.ocx
[2011/09/16 18:20:23 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe
[2011/09/16 18:20:23 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshext.dll
[2011/09/16 18:06:03 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2011/09/16 18:05:24 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011/09/16 17:50:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/09/10 14:05:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/09/10 12:42:16 | 002,897,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004152_.tmp.dll
[2011/09/10 12:39:23 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004145_.tmp.dll
[2011/09/10 12:39:23 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004150_.tmp.dll
[2011/09/10 12:39:22 | 000,986,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004138_.tmp.dll
[2011/09/10 12:39:22 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004144_.tmp.dll
[2011/09/10 12:39:22 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004139_.tmp.dll
[2011/09/10 12:39:22 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004142_.tmp.dll
[2011/09/10 12:39:22 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\csrsrv.dll
[2011/09/10 12:39:22 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004143_.tmp.dll
[2011/09/10 12:39:21 | 000,724,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004134_.tmp.dll
[2011/09/10 12:39:21 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004131_.tmp.dll
[2011/09/10 12:39:20 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004125_.tmp.dll
[2011/09/10 12:39:19 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004124_.tmp.dll
[2011/09/10 12:39:19 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecnv32.dll
[2011/09/10 12:39:18 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004114_.tmp.dll
[2011/09/10 12:39:18 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004111_.tmp.dll
[2011/09/10 12:39:18 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004110_.tmp.dll
[2011/09/10 12:39:18 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004115_.tmp.dll
[2011/09/10 12:39:17 | 000,983,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004108_.tmp.dll
[2011/09/10 12:39:16 | 000,990,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\syssetup.dll
[2011/09/10 12:39:15 | 001,858,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2011/09/10 12:39:15 | 001,850,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004100_.tmp.dll
[2011/09/10 12:39:13 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004098_.tmp.dll
[2011/09/10 12:39:12 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxg.sys
[2011/09/10 12:39:12 | 000,071,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\_004074_.tmp.dll
[2011/09/10 11:41:02 | 331,805,736 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\DAD\Desktop\WindowsXP-KB936929-SP3-x86-ENU.exe
[2011/09/09 09:12:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Application Data\Safer Networking
[2011/09/09 02:12:13 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/07 19:17:06 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2011/09/07 11:00:33 | 000,012,568 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP113.SYS
[2011/09/05 00:25:19 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[90 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/01 08:40:53 | 133,862,605 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/09/30 23:32:44 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAD\Desktop\OTL.exe
[2011/09/30 19:06:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/30 19:04:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/27 01:13:30 | 000,037,540 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/09/27 01:11:45 | 000,001,984 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/09/27 00:30:42 | 000,006,841 | ---- | M] () -- C:\Documents and Settings\DAD\Desktop\ban.html
[2011/09/26 03:08:46 | 000,079,608 | ---- | M] () -- C:\Documents and Settings\DAD\Desktop\Now Playing.wpl
[2011/09/23 17:57:18 | 000,002,167 | ---- | M] () -- C:\Documents and Settings\DAD\.recently-used.xbel
[2011/09/23 14:48:54 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/09/21 13:14:55 | 000,167,504 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/21 12:58:39 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAD\Desktop\TFC.exe
[2011/09/20 13:34:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/09/19 09:56:09 | 000,465,563 | ---- | M] () -- C:\Documents and Settings\DAD\My Documents\ALLLYRICSTODATE.RTF
[2011/09/17 16:45:45 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/09/16 20:06:18 | 000,463,932 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/09/16 20:06:18 | 000,079,208 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/09/14 15:49:36 | 000,760,320 | ---- | M] () -- C:\Documents and Settings\DAD\Desktop\MicrosoftFixit50389.msi
[2011/09/10 15:32:35 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/09/10 15:32:35 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/09/10 11:57:20 | 331,805,736 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\DAD\Desktop\WindowsXP-KB936929-SP3-x86-ENU.exe
[2011/09/09 08:49:23 | 000,000,328 | -HS- | M] () -- C:\boot.ini
[2011/09/09 02:12:31 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2011/09/09 02:12:13 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/09 00:23:12 | 000,048,128 | ---- | M] () -- C:\Documents and Settings\DAD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/08 23:14:40 | 000,000,059 | ---- | M] () -- C:\WINDOWS\System32\everest_cpl.ini
[2011/09/07 17:56:45 | 000,436,608 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/09/07 17:48:13 | 000,436,608 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110907-175645.backup
[2011/09/07 17:20:22 | 000,436,608 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110907-174812.backup
[2011/09/07 17:17:48 | 000,436,163 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110907-172022.backup
[2011/09/07 11:00:33 | 000,012,568 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP113.SYS
[2011/09/02 19:03:37 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110907-171748.backup

========== Files Created - No Company Name ==========

[2011/09/27 00:30:42 | 000,006,841 | ---- | C] () -- C:\Documents and Settings\DAD\Desktop\ban.html
[2011/09/24 07:51:03 | 000,079,608 | ---- | C] () -- C:\Documents and Settings\DAD\Desktop\Now Playing.wpl
[2011/09/23 17:57:18 | 000,002,167 | ---- | C] () -- C:\Documents and Settings\DAD\.recently-used.xbel
[2011/09/14 15:48:59 | 000,760,320 | ---- | C] () -- C:\Documents and Settings\DAD\Desktop\MicrosoftFixit50389.msi
[2011/09/09 02:12:30 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011/08/27 16:32:41 | 000,000,059 | ---- | C] () -- C:\WINDOWS\System32\everest_cpl.ini
[2011/05/28 00:47:06 | 000,037,540 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/04/30 11:53:26 | 000,166,400 | ---- | C] () -- C:\WINDOWS\System32\TridTray.exe
[2011/04/12 23:13:27 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/03/31 23:15:01 | 000,021,312 | ---- | C] () -- C:\WINDOWS\choice.exe
[2011/03/31 00:26:19 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2009/12/27 18:30:41 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2009/05/08 20:58:20 | 000,002,230 | ---- | C] () -- C:\WINDOWS\BJWIN.INI
[2009/05/08 20:48:40 | 000,000,027 | ---- | C] () -- C:\WINDOWS\VPWIN.INI
[2009/03/19 20:49:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ump.INI
[2008/05/26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/04/03 20:28:02 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DAD\Application Data\PFP120JPR.{PB
[2007/04/03 20:28:02 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DAD\Application Data\PFP120JCM.{PB
[2006/11/09 17:24:59 | 000,001,984 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/07/21 20:35:28 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\DAD\Local Settings\Application Data\fusioncache.dat
[2006/07/17 19:46:23 | 000,102,400 | R--- | C] () -- C:\WINDOWS\System32\hcwXDS.dll
[2006/06/13 12:56:12 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\uccspecb.sys
[2006/05/21 15:46:23 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/12/26 23:00:38 | 000,048,128 | ---- | C] () -- C:\Documents and Settings\DAD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/12/26 18:58:09 | 000,003,766 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/12/23 17:34:50 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/14 21:19:04 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/12/14 21:12:00 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/12/14 21:04:02 | 000,004,175 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/12/14 21:02:14 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/12/14 20:41:28 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/12/14 20:41:10 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2005/12/14 20:41:10 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/01/28 07:08:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 12:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 11:57:15 | 000,167,504 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 11:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 11:51:20 | 000,463,932 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 11:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 11:51:20 | 000,079,208 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 11:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 11:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 11:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 11:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 11:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 11:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 11:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 11:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/04/11 11:47:52 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\msmscoin.dll
[2002/03/19 17:30:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\PowerCalc.exe

< End of report >
 
Hi musicalpulltoy,

this time it's all out of "all users" though
Do you mean it's gone now?

Next, double-click on OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
  • Do not copy the word Code
  • Please note the fix starts with the :
Code:
:Services

:OTL
O3 - HKU\S-1-5-21-1668751319-4250827956-263943839-1006\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found

Then click the Run Fix button at the top
  • Let the program run unhindered
 
Hi musicalpulltoy,

If everything seems ok you can remove OTL. Open OTL and click the Clean Up button. The tool will remove itself.

Take care.
 