Internet Security 2010

View previous topic View next topic Go down

Internet Security 2010

Post by bpurcell on 19th January 2010, 2:11 am

OTL logfile created on: 1/18/2010 8:30:41 PM - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.00 Mb Total Physical Memory | 57.00 Mb Available Physical Memory | 13.00% Memory free
1.00 Gb Paging File | 0.00 Gb Available in Paging File | 20.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.68 Gb Total Space | 83.08 Gb Free Space | 79.37% Space Free | Partition Type: NTFS
Drive D: | 7.09 Gb Total Space | 0.28 Gb Free Space | 3.94% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-D0F670B45A
Current User Name: Compaq_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/01/18 20:29:06 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
PRC - [2010/01/18 20:24:08 | 00,196,608 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix(2).exe
PRC - [2010/01/18 20:22:44 | 00,196,608 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
PRC - [2010/01/17 02:20:16 | 00,203,264 | ---- | M] () -- C:\WINDOWS\system32\18467.exe
PRC - [2010/01/05 21:20:30 | 00,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/12/12 06:09:31 | 02,043,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/12/07 04:22:08 | 00,266,888 | ---- | M] (Smilebox, Inc.) -- C:\Documents and Settings\Compaq_Owner\Application Data\Smilebox\SmileboxTray.exe
PRC - [2009/11/01 00:59:48 | 00,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\4.0.0346.1\mswinext.exe
PRC - [2009/10/31 10:59:30 | 00,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
PRC - [2009/09/17 05:19:53 | 00,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2009/09/17 05:19:53 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/09/17 05:19:53 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/08/27 16:59:24 | 00,398,672 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2009/08/27 16:19:26 | 01,131,808 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2009/08/18 16:12:41 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/18 16:12:28 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/18 16:11:35 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/08/18 11:29:22 | 01,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 11:29:22 | 00,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/08/07 17:15:06 | 00,311,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
PRC - [2009/08/07 17:15:06 | 00,242,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/07/13 13:04:04 | 00,874,058 | ---- | M] () -- C:\Program Files\SelectRebates\SelectRebates.exe
PRC - [2009/07/01 12:35:38 | 00,167,936 | ---- | M] () -- C:\Program Files\Upromise\UpromiseTray.exe
PRC - [2009/07/01 12:19:32 | 00,081,920 | ---- | M] (Compete Inc) -- C:\Program Files\Upromise\dca-ua.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/26 01:25:18 | 00,286,720 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
PRC - [2008/03/25 20:27:58 | 00,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2008/03/25 19:49:02 | 00,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2008/03/25 19:49:00 | 00,569,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2008/03/25 19:40:42 | 00,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2006/05/25 01:01:16 | 00,036,903 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
PRC - [2006/05/25 00:41:39 | 00,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2006/03/08 06:54:04 | 16,010,240 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2006/01/24 21:15:00 | 00,131,139 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2005/09/24 07:02:20 | 00,065,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
PRC - [2005/06/07 12:58:40 | 01,339,392 | ---- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files\AWS\WeatherBug\Weather.exe
PRC - [2004/08/13 08:01:24 | 00,184,320 | ---- | M] (Creative Home) -- C:\Program Files\Sierra\Planner\PLNRnote.exe
PRC - [1998/05/07 11:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company) -- c:\WINDOWS\system\hpsysdrv.exe


========== Modules (SafeList) ==========

MOD - [2010/01/18 20:29:06 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
MOD - [2009/03/21 09:06:58 | 01,779,141 | ---- | M] () -- C:\WINDOWS\system32\w32tcp.dll
MOD - [2009/03/21 09:06:58 | 00,415,686 | ---- | M] () -- C:\WINDOWS\system32\micme.dll
MOD - [2008/04/13 19:11:51 | 00,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2006/05/25 01:01:13 | 00,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\IadHide5.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/09/17 05:19:53 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/08/27 16:19:26 | 01,131,808 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2009/08/20 15:45:29 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1ca21d739e3f46a) Google Update Service (gupdate1ca21d739e3f46a)
SRV - [2009/08/20 15:43:22 | 00,190,448 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/08/18 16:11:35 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/08/18 11:29:22 | 01,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/08/07 17:15:06 | 00,242,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/03/25 20:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/03/25 19:38:24 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2008/02/28 10:53:18 | 00,053,248 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2008/02/28 10:53:18 | 00,043,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2006/01/24 21:15:00 | 00,131,139 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2004/10/22 12:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/07/15 10:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state)
SRV - [2003/07/28 21:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2009/08/18 16:12:40 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/08/18 16:12:40 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/07/30 18:42:16 | 00,018,560 | ---- | M] (LeapFrog) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlyUsb.sys -- (FlyUsb)
DRV - [2009/06/01 16:25:18 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008/04/13 13:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 11:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/01/24 16:22:08 | 00,021,568 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2008/01/24 16:22:07 | 00,016,496 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2008/01/24 16:22:06 | 00,049,920 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006/03/08 15:27:12 | 04,246,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/03/03 16:31:04 | 00,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/03 16:31:02 | 00,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/01/25 18:24:30 | 01,149,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/01/24 21:15:00 | 03,535,520 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/08/19 12:00:00 | 00,046,080 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2005/06/29 19:03:18 | 00,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - [2005/06/17 08:33:40 | 00,872,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2005/03/09 16:53:00 | 00,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/08/04 06:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 16:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/11/05 09:45:12 | 00,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\bb-run.sys -- (bb-run)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-901966007-14454730-1866919336-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKU\S-1-5-21-901966007-14454730-1866919336-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKU\S-1-5-21-901966007-14454730-1866919336-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKU\S-1-5-21-901966007-14454730-1866919336-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKU\S-1-5-21-901966007-14454730-1866919336-1009\S-1-5-21-901966007-14454730-1866919336-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.westga.edu/"
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:4.0
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:5.0.0.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.2.20080717


FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/06/02 10:37:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\4.0.0346.1\Firefox [2009/11/08 14:29:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2009/11/08 14:29:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/06 00:13:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/05 21:20:48 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2009/08/19 21:41:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2009/11/22 15:22:59 | 00,000,000 | ---D | M]

[2009/06/01 16:43:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2010/01/18 00:14:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\mbc4cxje.default\extensions
[2009/09/17 05:23:02 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\mbc4cxje.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/08/09 18:17:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\mbc4cxje.default\extensions\toolbar@shopathome.com
[2010/01/18 00:14:47 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/22 15:22:57 | 00,393,216 | ---- | M] (Invenda Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPcol400.dll
[2008/06/18 01:43:04 | 00,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll

O1 HOSTS File: ([2004/08/04 06:00:00 | 00,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (TTB000000 Class) - {62960D20-6D0D-1AB4-4BF1-95B0B5B8783A} - C:\WINDOWS\CouponBarIE.dll (Coupons, Inc.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (hpWebHelper Class) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll (TODO: )
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Upromise\dca-bho.dll (Compete, Inc.)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0346.1\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShopAtHomeIEHelper Class) - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome)
O2 - BHO: (Upromise TurboSaver) - {EDC0F17F-F4B7-47e4-B73E-887FAEB376FA} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (CouponBar) - {5BED3930-2E9E-76D8-BACC-80DF2188D455} - C:\WINDOWS\CouponBarIE.dll (Coupons, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0346.1\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (ShopAtHome Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome)
O3 - HKU\S-1-5-21-901966007-14454730-1866919336-1009\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-901966007-14454730-1866919336-1009\..\Toolbar\WebBrowser: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKU\S-1-5-21-901966007-14454730-1866919336-1009\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-901966007-14454730-1866919336-1009\..\Toolbar\WebBrowser: (CouponBar) - {5BED3930-2E9E-76D8-BACC-80DF2188D455} - C:\WINDOWS\CouponBarIE.dll (Coupons, Inc.)
O3 - HKU\S-1-5-21-901966007-14454730-1866919336-1009\..\Toolbar\WebBrowser: (ShopAtHome Toolbar) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files\MSN Toolbar\Platform\4.0.0346.1\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\Windows\Creator\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SelectRebates] C:\Program Files\SelectRebates\SelectRebates.exe ()
O4 - HKLM..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-901966007-14454730-1866919336-1009..\Run: [cdloader] C:\Documents and Settings\Compaq_Owner\Application Data\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\S-1-5-21-901966007-14454730-1866919336-1009..\Run: [iLike] C:\Program Files\iLike\1.2.16\ilikesidebar.exe (iLike)
O4 - HKU\S-1-5-21-901966007-14454730-1866919336-1009..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe File not found
O4 - HKU\S-1-5-21-901966007-14454730-1866919336-1009..\Run: [SmileboxTray] C:\Documents and Settings\Compaq_Owner\Application Data\Smilebox\SmileboxTray.exe (Smilebox, Inc.)
O4 - HKU\S-1-5-21-901966007-14454730-1866919336-1009..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-901966007-14454730-1866919336-1009..\Run: [Upromise Tray] C:\Program Files\Upromise\UpromiseTray.exe ()
O4 - HKU\S-1-5-21-901966007-14454730-1866919336-1009..\Run: [Upromise Update] C:\Program Files\Upromise\dca-ua.exe (Compete Inc)
O4 - HKU\S-1-5-21-901966007-14454730-1866919336-1009..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - HKU\S-1-5-21-901966007-14454730-1866919336-1009..\Run: [WS9E3IQBKY] C:\WINDOWS\system32\18467.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Event Planner Reminders Tray Icon.lnk = C:\Program Files\Sierra\Planner\PLNRnote.exe (Creative Home)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Pin.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-901966007-14454730-1866919336-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-901966007-14454730-1866919336-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKU\S-1-5-21-901966007-14454730-1866919336-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-21-901966007-14454730-1866919336-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm File not found
O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm File not found
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-901966007-14454730-1866919336-1009\..Trusted Domains: plaxo.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-901966007-14454730-1866919336-1009\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} [You must be registered and logged in to see this link.] (MSN Photo Upload Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} [You must be registered and logged in to see this link.] (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} [You must be registered and logged in to see this link.] (CBSTIEPrint Class)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_15)
O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} [You must be registered and logged in to see this link.] (InstantAction Game Launcher)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (logon.exe) - C:\WINDOWS\System32\logon.exe ()
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\ipxlan: DllName - ipxlan.dll - C:\WINDOWS\System32\ipxlan.dll ()
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/12/05 01:50:26 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 15:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 07:01:14 | 00,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\F\Shell\phone\command - "" = F:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/18 20:29:06 | 00,547,328 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2010/01/18 20:24:16 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/01/18 19:20:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/18 19:18:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Mozilla
[2010/01/18 19:18:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Mozilla
[2010/01/17 16:50:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Threat Expert
[2010/01/17 10:51:28 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2010/01/17 01:59:57 | 00,000,000 | ---D | C] -- C:\Program Files\InternetSecurity2010
[2010/01/12 19:01:51 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010/01/11 16:48:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Fax
[2009/11/08 14:29:03 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/08/28 15:28:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2009/08/20 15:58:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/08/20 15:46:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/08/06 08:55:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\HP
[2009/06/01 16:19:53 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/06/01 16:19:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2006/02/19 12:28:56 | 00,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Compaq_Owner\My Documents\*.tmp files -> C:\Documents and Settings\Compaq_Owner\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/18 20:29:06 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2010/01/18 20:27:14 | 00,000,276 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/01/18 20:24:08 | 00,196,608 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix(2).exe
[2010/01/18 20:22:44 | 00,196,608 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
[2010/01/18 20:05:19 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/18 19:49:53 | 00,000,246 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2010/01/18 19:45:56 | 00,050,180 | ---- | M] () -- C:\WINDOWS\System32\logon.exe
[2010/01/18 19:37:00 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\񀿉
[2010/01/18 19:31:41 | 00,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/01/18 19:31:08 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/01/18 19:30:45 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/18 19:30:36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/18 19:30:14 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/18 19:30:07 | 46,824,2432 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/18 19:28:55 | 03,932,160 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\NTUSER.DAT
[2010/01/18 19:28:55 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\ntuser.ini
[2010/01/18 17:15:31 | 48,006,059 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/01/18 11:28:15 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010/01/18 11:08:15 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010/01/18 10:48:15 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010/01/18 10:28:14 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/18 09:47:46 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010/01/18 09:47:41 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\IS15.exe
[2010/01/18 09:47:30 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/18 09:43:56 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010/01/18 09:32:38 | 00,142,275 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2010/01/17 16:35:10 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\4827.exe
[2010/01/17 16:15:04 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11942.exe
[2010/01/17 15:54:53 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\2995.exe
[2010/01/17 15:34:49 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\491.exe
[2010/01/17 15:14:48 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\9961.exe
[2010/01/17 14:54:46 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\16827.exe
[2010/01/17 14:34:41 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\23281.exe
[2010/01/17 14:14:37 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010/01/17 13:54:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010/01/17 13:34:29 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010/01/17 13:14:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010/01/17 12:54:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010/01/17 12:34:13 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010/01/17 11:22:00 | 00,140,841 | ---- | M] () -- C:\WINDOWS\System32\minidump.dmp
[2010/01/17 02:20:16 | 00,203,264 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/17 02:14:38 | 00,000,764 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Internet Security 2010.lnk
[2010/01/17 01:54:51 | 00,000,001 | ---- | M] () -- C:\s
[2010/01/17 01:54:31 | 00,025,088 | ---- | M] () -- C:\WINDOWS\System32\smss32.exe
[2010/01/13 03:19:25 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/11 16:50:44 | 00,001,071 | ---- | M] () -- C:\WINDOWS\AWMODEM.INF
[2010/01/08 16:28:26 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/01/08 07:16:42 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/02 10:58:15 | 00,014,336 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/31 06:10:57 | 00,001,051 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\magicJack.lnk
[2009/12/23 20:15:15 | 00,001,923 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Compaq_Owner\My Documents\*.tmp files -> C:\Documents and Settings\Compaq_Owner\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/18 20:24:08 | 00,196,608 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix(2).exe
[2010/01/18 20:22:43 | 00,196,608 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
[2010/01/18 19:47:06 | 00,050,180 | ---- | C] () -- C:\WINDOWS\System32\logon.exe
[2010/01/18 09:47:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/18 00:24:36 | 00,025,088 | ---- | C] () -- C:\WINDOWS\System32\smss32.exe
[2010/01/17 16:35:10 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\4827.exe
[2010/01/17 16:15:04 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11942.exe
[2010/01/17 15:54:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\2995.exe
[2010/01/17 15:34:49 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\491.exe
[2010/01/17 15:14:48 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\9961.exe
[2010/01/17 14:54:46 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\16827.exe
[2010/01/17 14:34:41 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\23281.exe
[2010/01/17 14:14:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
[2010/01/17 13:54:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
[2010/01/17 13:34:29 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2010/01/17 13:14:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2010/01/17 12:54:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2010/01/17 12:34:13 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2010/01/17 12:14:11 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2010/01/17 11:54:10 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2010/01/17 11:34:08 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2010/01/17 11:14:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010/01/17 02:20:15 | 00,203,264 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2010/01/17 02:00:03 | 00,000,764 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Internet Security 2010.lnk
[2010/01/17 01:59:54 | 00,000,276 | -H-- | C] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/01/17 01:59:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2010/01/17 01:59:27 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\IS15.exe
[2010/01/17 01:58:54 | 00,002,931 | ---- | C] () -- C:\WINDOWS\System32\warning.html
[2010/01/17 01:54:51 | 00,000,001 | ---- | C] () -- C:\s
[2010/01/11 16:50:44 | 00,001,071 | ---- | C] () -- C:\WINDOWS\AWMODEM.INF
[2009/12/23 20:15:15 | 00,001,923 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2009/11/27 14:27:13 | 00,000,416 | ---- | C] () -- C:\WINDOWS\Disney.ini
[2009/11/27 13:54:57 | 00,000,247 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/11/27 13:54:35 | 00,000,197 | ---- | C] () -- C:\WINDOWS\KA.INI
[2009/11/14 12:50:16 | 00,000,082 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2009/10/04 19:13:29 | 00,000,110 | ---- | C] () -- C:\WINDOWS\{0A0D52EF-D7FE-495E-AFD0-BC34E832A6A5}_WiseFW.ini
[2009/08/06 08:55:46 | 00,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat
[2009/07/04 12:12:52 | 00,000,122 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/06/11 19:08:50 | 00,306,688 | R--- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2009/06/11 19:08:50 | 00,095,232 | R--- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2009/06/01 16:36:23 | 00,014,336 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/05/25 01:31:06 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/05/25 01:05:54 | 00,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/05/25 00:59:57 | 00,012,994 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/05/25 00:59:51 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/05/25 00:57:39 | 00,000,166 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/05/25 00:56:19 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/05/25 00:44:07 | 00,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/05/25 00:42:27 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/05/25 00:37:36 | 00,001,992 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/05/25 00:36:12 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/05/25 00:33:28 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/05/25 00:33:28 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/05/25 00:33:28 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/05/25 00:33:28 | 00,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/05/25 00:33:28 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/05/25 00:33:28 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/05/25 00:33:26 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/05/25 00:18:44 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/05/25 00:15:13 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/03/02 16:31:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/04 06:00:00 | 01,779,141 | ---- | C] () -- C:\WINDOWS\System32\w32tcp.dll
[2004/08/04 06:00:00 | 01,338,495 | ---- | C] () -- C:\WINDOWS\System32\ipxlan.dll
[2004/08/04 06:00:00 | 00,415,686 | ---- | C] () -- C:\WINDOWS\System32\micme.dll
[2004/06/15 16:38:00 | 00,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/01/08 00:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1999/01/22 13:46:56 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 03:00:00 | 00,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:20240A47
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >

bpurcell
Beginner
Beginner

Posts Posts : 1
Joined Joined : 2010-01-19
OS OS : windows XP
Points Points : 25173
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet Security 2010

Post by Dr Jay on 19th January 2010, 10:15 am

Hello.

Please visit this webpage for instructions for downloading and running ComboFix:

[You must be registered and logged in to see this link.]

Post the log from ComboFix when you've accomplished that.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14310
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302971
# Likes # Likes : 10

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum