Internet Security 2010 virus help


Post by bafred on Mon Jan 25, 2010 12:37 am

My daughter picked up the Internet Security 2010 virus. Here are the two files you ask everyone for...thanks in advance...

OTL logfile created on: 1/24/2010 6:17:30 PM - Run 1
OTL by OldTimer - Version 3.1.26.0 Folder = C:\Documents and Settings\Kelsey\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 376.00 Mb Available Physical Memory | 37.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 226.76 Gb Total Space | 191.90 Gb Free Space | 84.63% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SONY
Current User Name: Kelsey
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/01/24 11:33:19 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kelsey\Desktop\OTL.exe
PRC - [2010/01/24 11:20:56 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010/01/23 15:36:39 | 01,050,624 | ---- | M] (Internet Security) -- C:\Program Files\InternetSecurity2010\IS2010.exe
PRC - [2010/01/23 15:32:13 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\system32\smss32.exe
PRC - [2010/01/07 17:21:50 | 00,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/07/21 13:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/07/16 13:33:30 | 00,157,696 | R--- | M] (The RaProducts Team: Paul McLain and Fred de Vries) -- C:\Documents and Settings\Kelsey\Local Settings\Temp\Temporary Directory 2 for JavaRa.zip\JavaRa.exe
PRC - [2009/05/13 15:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 12:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/01/06 13:06:36 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/01/06 13:06:24 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/09/25 21:47:03 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/04/13 18:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/29 09:55:54 | 01,347,584 | ---- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files\AWS\WeatherBug\Weather.exe
PRC - [2007/06/17 15:25:35 | 00,336,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe
PRC - [2007/01/04 15:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/12/23 17:05:20 | 00,143,360 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/12/23 17:04:42 | 00,905,216 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2006/12/23 16:54:04 | 00,262,144 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2006/11/23 14:10:42 | 00,056,928 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2006/03/03 20:03:22 | 00,065,536 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZinw12.exe
PRC - [2006/02/19 04:29:46 | 00,139,264 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hp\Digital Imaging\bin\hpqnrs08.exe
PRC - [2006/02/19 04:24:52 | 00,239,320 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hp\Digital Imaging\bin\hpqste08.exe
PRC - [2006/02/19 03:21:22 | 00,288,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
PRC - [2006/02/19 01:41:10 | 00,049,152 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
PRC - [2006/02/10 06:56:12 | 00,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hp\Digital Imaging\bin\hpqimzone.exe
PRC - [2005/08/07 23:54:00 | 00,167,936 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2004/10/21 13:20:10 | 00,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
PRC - [2004/10/08 09:50:52 | 00,088,363 | ---- | M] (Agere Systems) -- C:\WINDOWS\AGRSMMSG.exe
PRC - [2004/09/29 06:15:00 | 00,344,064 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2004/09/29 02:16:44 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2004/06/03 02:51:27 | 00,172,032 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliType Pro\type32.exe
PRC - [2004/06/03 02:50:07 | 00,204,800 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\point32.exe


========== Modules (SafeList) ==========

MOD - [2010/01/24 11:33:19 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kelsey\Desktop\OTL.exe
MOD - [2008/04/13 18:11:56 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/01/24 11:20:56 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/07/21 13:34:33 | 00,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 15:48:22 | 00,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/05/03 17:38:49 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/01/06 13:06:24 | 00,536,872 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2007/01/05 12:41:10 | 00,774,144 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2007/01/04 15:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/12/23 16:54:04 | 00,262,144 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2006/05/11 17:15:50 | 00,052,736 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZIPM12.DLL -- (Pml Driver HPZ12)
SRV - [2005/08/07 23:54:00 | 00,167,936 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2005/05/20 09:37:12 | 00,081,920 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE -- (HP Port Resolver)
SRV - [2004/10/16 04:31:06 | 00,073,728 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE -- (HP Status Server)
SRV - [2004/09/29 02:16:44 | 00,405,504 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2004/07/14 23:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state)
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2009/07/28 15:33:56 | 00,055,656 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 09:12:24 | 00,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/09 00:14:20 | 00,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2009/03/30 09:33:07 | 00,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 11:35:05 | 00,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/11/20 13:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/11/07 14:23:30 | 00,032,000 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2008/04/17 12:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2008/04/13 10:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/11/18 10:42:52 | 00,461,952 | ---- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MRVW245.sys -- (MRVW245) Marvell TOPDOG 802.11n WLAN Driver for Windows XP (USB8x)
DRV - [2007/06/17 14:32:45 | 00,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HdAudio.sys -- (HdAudAddService)
DRV - [2006/12/31 23:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2005/10/22 06:22:48 | 00,021,568 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2005/10/21 18:58:58 | 00,016,496 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2005/10/21 18:58:52 | 00,049,920 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2004/10/27 16:24:52 | 02,297,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2004/10/08 09:51:08 | 01,270,540 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/09/29 02:22:22 | 00,800,256 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/08/05 20:20:34 | 00,788,736 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smrt.sys -- (smrt)
DRV - [2004/06/03 02:50:07 | 00,020,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\point32.sys -- (Point32)
DRV - [2004/02/10 13:49:14 | 00,154,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)
DRV - [2001/08/17 12:53:32 | 00,006,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serscan.sys -- (StillCam)
DRV - [2001/08/17 11:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2000/12/05 15:18:02 | 00,003,952 | R--- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.aol.com/?src=aim"
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.20.1.1
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.0.3
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.2.1
FF - prefs.js..extensions.enabledItems: {6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}:1.1.3
FF - prefs.js..extensions.enabledItems: {6b6601f1-361e-4b9f-bb6d-f8305000e4f6}:0.9.15.14
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.4.20081105
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrab&query="


FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/10 11:30:57 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/24 11:21:10 | 00,000,000 | ---D | M]

[2009/12/06 17:30:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kelsey\Application Data\Mozilla\Extensions
[2009/12/06 17:30:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kelsey\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/01/24 11:22:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kelsey\Application Data\Mozilla\Firefox\Profiles\earmmjnl.default\extensions
[2009/02/22 13:38:14 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Kelsey\Application Data\Mozilla\Firefox\Profiles\earmmjnl.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008/09/27 08:38:21 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kelsey\Application Data\Mozilla\Firefox\Profiles\earmmjnl.default\extensions\{6b6601f1-361e-4b9f-bb6d-f8305000e4f6}
[2008/09/27 08:12:26 | 00,000,000 | ---D | M] (Fire.fm) -- C:\Documents and Settings\Kelsey\Application Data\Mozilla\Firefox\Profiles\earmmjnl.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}
[2008/12/08 19:30:10 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kelsey\Application Data\Mozilla\Firefox\Profiles\earmmjnl.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2008/09/28 07:27:48 | 00,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Kelsey\Application Data\Mozilla\Firefox\Profiles\earmmjnl.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2008/09/27 08:08:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kelsey\Application Data\Mozilla\Firefox\Profiles\earmmjnl.default\extensions\firefox@facebook.com
[2010/01/24 11:22:20 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/04/16 11:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: ([2008/10/04 16:49:07 | 00,000,763 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: HPC6150.home HP0017A479FC73
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (PCCBHO.CPCCBHO) - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - C:\Program Files\Winferno\PC Confidential\PCCBHO.dll (Capital Intellect Inc)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HDAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\point32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe (IpVOPqgs)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [type32] C:\Program Files\Microsoft IntelliType Pro\type32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe File not found
O4 - HKCU..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe (Internet Security)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Connection Manager.lnk = C:\Program Files\D-Link\D-Link Wireless N USB Adapter DWA-130\wirelesscm.exe ( )
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O9 - Extra 'Tools' menuitem : PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (Capital Intellect, Inc)
O9 - Extra Button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (Capital Intellect, Inc)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\helper32.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\System32\helper32.dll ()
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} [You must be registered and logged in to see this link.] (VaioInfo.CMClass)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [You must be registered and logged in to see this link.] (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} [You must be registered and logged in to see this link.] (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} [You must be registered and logged in to see this link.] (DDRevision Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} [You must be registered and logged in to see this link.] (PopCapLoader Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\winlogon32.exe) - C:\WINDOWS\system32\winlogon32.exe (IpVOPqgs)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kelsey\Application Data\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/24 08:15:52 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/24 17:40:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/01/24 11:33:18 | 00,547,328 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kelsey\Desktop\OTL.exe
[2010/01/24 11:21:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/01/24 11:21:09 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/01/24 11:21:09 | 00,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/01/24 11:21:09 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/01/24 11:21:09 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/01/24 11:15:47 | 16,254,752 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Kelsey\Desktop\jre-6u18-windows-i586.exe
[2010/01/24 10:43:41 | 09,034,488 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Kelsey\Desktop\mssefullinstall-x86fre-en-us-xp.exe
[2010/01/23 21:15:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/01/23 20:20:24 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/01/23 20:20:24 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/01/23 20:20:24 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/01/23 20:20:24 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/01/23 20:20:22 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/01/23 20:20:20 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/01/23 15:46:43 | 00,000,000 | ---D | C] -- C:\Program Files\InternetSecurity2010
[2010/01/23 15:32:17 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 15:32:17 | 00,020,480 | ---- | C] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/12 20:08:29 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009/07/22 02:00:32 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/02/22 14:14:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/02/22 13:48:17 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/09/27 11:05:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2008/09/24 08:24:50 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/09/24 08:15:49 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2006/02/19 02:28:56 | 00,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll
[7 C:\Documents and Settings\Kelsey\My Documents\*.tmp files -> C:\Documents and Settings\Kelsey\My Documents\*.tmp -> ]
[5 C:\Documents and Settings\All Users\Documents\*.tmp files -> C:\Documents and Settings\All Users\Documents\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/24 18:16:46 | 00,000,434 | ---- | M] () -- C:\WINDOWS\tasks\RegPowerClean.job
[2010/01/24 18:16:33 | 00,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2010/01/24 18:00:37 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\27529.exe
[2010/01/24 17:40:24 | 00,259,072 | ---- | M] () -- C:\WINDOWS\System32\9741.exe
[2010/01/24 16:39:42 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\20037.exe
[2010/01/24 16:19:41 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\32757.exe
[2010/01/24 15:59:41 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\32662.exe
[2010/01/24 15:39:41 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\27644.exe
[2010/01/24 15:19:40 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\25547.exe
[2010/01/24 14:59:40 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6868.exe
[2010/01/24 14:39:40 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28253.exe
[2010/01/24 14:19:40 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\7711.exe
[2010/01/24 13:59:39 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15141.exe
[2010/01/24 13:39:39 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\4664.exe
[2010/01/24 13:36:01 | 00,000,420 | ---- | M] () -- C:\WINDOWS\tasks\RPCReminder.job
[2010/01/24 13:19:39 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\17673.exe
[2010/01/24 12:59:38 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\30333.exe
[2010/01/24 12:39:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\31322.exe
[2010/01/24 12:19:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\23811.exe
[2010/01/24 11:59:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28703.exe
[2010/01/24 11:39:34 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\9894.exe
[2010/01/24 11:33:19 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kelsey\Desktop\OTL.exe
[2010/01/24 11:25:37 | 00,071,798 | ---- | M] () -- C:\Documents and Settings\Kelsey\Desktop\JavaRa.zip
[2010/01/24 11:20:55 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/01/24 11:20:55 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/01/24 11:20:55 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/01/24 11:20:55 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/01/24 11:20:54 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/01/24 11:19:34 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\17035.exe
[2010/01/24 11:16:08 | 16,254,752 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Kelsey\Desktop\jre-6u18-windows-i586.exe
[2010/01/24 10:59:34 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26299.exe
[2010/01/24 10:44:31 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 10:43:41 | 09,034,488 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Kelsey\Desktop\mssefullinstall-x86fre-en-us-xp.exe
[2010/01/24 10:39:33 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\25667.exe
[2010/01/24 10:19:33 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19912.exe
[2010/01/24 09:59:33 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\1869.exe
[2010/01/24 09:39:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11538.exe
[2010/01/24 09:19:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\14771.exe
[2010/01/24 08:59:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\21726.exe
[2010/01/24 08:39:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5447.exe
[2010/01/24 08:19:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19895.exe
[2010/01/24 07:59:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19718.exe
[2010/01/24 07:39:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18716.exe
[2010/01/24 07:19:30 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\17421.exe
[2010/01/24 06:59:30 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\12382.exe
[2010/01/24 06:39:30 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\292.exe
[2010/01/24 06:19:29 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\153.exe
[2010/01/24 05:59:29 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\3902.exe
[2010/01/24 05:39:29 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\14604.exe
[2010/01/24 05:19:28 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\32391.exe
[2010/01/24 04:59:28 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5436.exe
[2010/01/24 04:39:28 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\4827.exe
[2010/01/24 04:19:28 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11942.exe
[2010/01/24 03:59:27 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\2995.exe
[2010/01/24 03:39:27 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\491.exe
[2010/01/24 03:19:27 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\9961.exe
[2010/01/24 02:59:26 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\16827.exe
[2010/01/24 02:39:26 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\23281.exe
[2010/01/24 02:19:26 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010/01/24 01:59:26 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010/01/24 01:39:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010/01/24 01:19:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010/01/24 00:59:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010/01/24 00:39:24 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010/01/24 00:19:24 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 23:59:24 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010/01/23 23:39:20 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010/01/23 23:19:19 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/23 22:59:18 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/23 22:39:18 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010/01/23 22:38:17 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/23 22:38:15 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/23 22:37:36 | 04,194,304 | -H-- | M] () -- C:\Documents and Settings\Kelsey\NTUSER.DAT
[2010/01/23 22:37:30 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Kelsey\ntuser.ini
[2010/01/23 22:37:03 | 04,278,866 | -H-- | M] () -- C:\Documents and Settings\Kelsey\Local Settings\Application Data\IconCache.db
[2010/01/23 21:00:00 | 00,000,330 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2010/01/23 20:20:38 | 00,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2010/01/23 20:12:14 | 30,909,992 | ---- | M] () -- C:\Documents and Settings\Kelsey\Desktop\avira_antivir_personal_en.exe
[2010/01/23 20:00:00 | 00,000,314 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
[2010/01/23 15:46:43 | 00,000,756 | ---- | M] () -- C:\Documents and Settings\Kelsey\Desktop\Internet Security 2010.lnk
[2010/01/23 15:36:31 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 15:32:18 | 00,000,001 | ---- | M] () -- C:\s
[2010/01/23 15:32:13 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\winlogon32.exe
[2010/01/23 15:32:13 | 00,020,480 | ---- | M] (IpVOPqgs) -- C:\WINDOWS\System32\smss32.exe
[2010/01/23 12:05:09 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/01/23 03:01:32 | 00,000,584 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/22 14:16:22 | 00,044,032 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\vocab unit 8.doc
[2010/01/16 15:35:12 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/01/12 17:07:56 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/05 23:34:48 | 00,020,992 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry9.doc
[2010/01/05 23:21:18 | 00,020,992 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry8.doc
[2010/01/05 22:40:15 | 00,020,992 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry7.doc
[2010/01/05 22:07:12 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry18.doc
[2010/01/05 21:36:40 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry17.doc
[2010/01/05 16:11:28 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry16.doc
[2010/01/05 15:30:28 | 03,599,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2010/01/05 15:26:54 | 00,291,840 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry15.doc
[2010/01/05 15:08:21 | 00,189,440 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry14.doc
[2010/01/05 15:00:29 | 00,248,320 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry13.doc
[2010/01/05 14:43:27 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry12.doc
[2010/01/05 14:17:00 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry11.doc
[2010/01/05 14:03:26 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry10.doc
[2010/01/05 04:00:29 | 00,832,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2010/01/05 04:00:28 | 01,168,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2010/01/05 04:00:28 | 00,671,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2010/01/05 04:00:28 | 00,671,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2010/01/05 04:00:28 | 00,233,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll
[2010/01/05 04:00:28 | 00,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2010/01/05 04:00:28 | 00,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2010/01/05 04:00:28 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2010/01/05 04:00:28 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pngfilt.dll
[2010/01/05 04:00:28 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll
[2010/01/05 04:00:27 | 00,477,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2010/01/05 04:00:27 | 00,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll
[2010/01/05 04:00:27 | 00,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll
[2010/01/05 04:00:25 | 00,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2010/01/05 04:00:25 | 00,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2010/01/05 04:00:24 | 01,830,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2010/01/05 04:00:24 | 01,830,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2010/01/05 04:00:24 | 00,459,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2010/01/05 04:00:24 | 00,459,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2010/01/05 04:00:24 | 00,268,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2010/01/05 04:00:24 | 00,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2010/01/05 04:00:24 | 00,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2010/01/05 04:00:24 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iernonce.dll
[2010/01/05 04:00:24 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll
[2010/01/05 04:00:24 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2010/01/05 04:00:24 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2010/01/05 04:00:23 | 06,067,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2010/01/05 04:00:21 | 00,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2010/01/05 04:00:21 | 00,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2010/01/05 04:00:21 | 00,380,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dll
[2010/01/05 04:00:21 | 00,380,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2010/01/05 04:00:21 | 00,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieaksie.dll
[2010/01/05 04:00:21 | 00,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll
[2010/01/05 04:00:21 | 00,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtrans.dll
[2010/01/05 04:00:21 | 00,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll
[2010/01/05 04:00:21 | 00,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakeng.dll
[2010/01/05 04:00:21 | 00,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll
[2010/01/05 04:00:21 | 00,133,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extmgr.dll
[2010/01/05 04:00:21 | 00,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2010/01/05 04:00:21 | 00,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2010/01/05 04:00:21 | 00,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2010/01/05 04:00:20 | 00,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtmsft.dll
[2010/01/05 04:00:20 | 00,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll
[2010/01/05 04:00:20 | 00,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll
[2010/01/05 04:00:20 | 00,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\advpack.dll
[2010/01/05 04:00:20 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2010/01/05 04:00:20 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[2010/01/04 22:22:03 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry6.doc
[2010/01/04 20:24:03 | 00,301,568 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\Rehugo entry5.doc
[2010/01/04 19:55:25 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry4.doc
[2010/01/04 18:28:31 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry3.doc
[2010/01/04 17:47:43 | 00,070,656 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry2.doc
[2010/01/04 17:15:15 | 00,020,992 | ---- | M] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry1.doc
[2009/12/31 09:33:27 | 00,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2009/12/31 09:33:06 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2009/12/31 09:33:06 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2009/12/31 09:33:06 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieudinit.exe
[2009/12/31 09:33:06 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[7 C:\Documents and Settings\Kelsey\My Documents\*.tmp files -> C:\Documents and Settings\Kelsey\My Documents\*.tmp -> ]
[5 C:\Documents and Settings\All Users\Documents\*.tmp files -> C:\Documents and Settings\All Users\Documents\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/24 18:00:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\27529.exe
[2010/01/24 17:40:13 | 00,259,072 | ---- | C] () -- C:\WINDOWS\System32\9741.exe
[2010/01/24 16:39:42 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\20037.exe
[2010/01/24 16:19:41 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\32757.exe
[2010/01/24 15:59:41 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\32662.exe
[2010/01/24 15:39:41 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\27644.exe
[2010/01/24 15:19:40 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\25547.exe
[2010/01/24 14:59:40 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6868.exe
[2010/01/24 14:39:40 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\28253.exe
[2010/01/24 14:19:40 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\7711.exe
[2010/01/24 13:59:39 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\15141.exe
[2010/01/24 13:39:39 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\4664.exe
[2010/01/24 13:19:39 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\17673.exe
[2010/01/24 12:59:38 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\30333.exe
[2010/01/24 12:39:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\31322.exe
[2010/01/24 12:19:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\23811.exe
[2010/01/24 11:59:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\28703.exe
[2010/01/24 11:39:34 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\9894.exe
[2010/01/24 11:25:37 | 00,071,798 | ---- | C] () -- C:\Documents and Settings\Kelsey\Desktop\JavaRa.zip
[2010/01/24 11:19:34 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\17035.exe
[2010/01/24 10:59:34 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26299.exe
[2010/01/24 10:39:33 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\25667.exe
[2010/01/24 10:19:33 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19912.exe
[2010/01/24 09:59:33 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\1869.exe
[2010/01/24 09:39:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11538.exe
[2010/01/24 09:19:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\14771.exe
[2010/01/24 08:59:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\21726.exe
[2010/01/24 08:39:31 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5447.exe
[2010/01/24 08:19:31 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19895.exe
[2010/01/24 07:59:31 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19718.exe
[2010/01/24 07:39:31 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18716.exe
[2010/01/24 07:19:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\17421.exe
[2010/01/24 06:59:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\12382.exe
[2010/01/24 06:39:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\292.exe
[2010/01/24 06:19:29 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\153.exe
[2010/01/24 05:59:29 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\3902.exe
[2010/01/24 05:39:29 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\14604.exe
[2010/01/24 05:19:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\32391.exe
[2010/01/24 04:59:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5436.exe
[2010/01/24 04:39:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\4827.exe
[2010/01/24 04:19:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11942.exe
[2010/01/24 03:59:27 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\2995.exe
[2010/01/24 03:39:27 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\491.exe
[2010/01/24 03:19:27 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\9961.exe
[2010/01/24 02:59:26 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\16827.exe
[2010/01/24 02:39:26 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\23281.exe
[2010/01/24 02:19:26 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
[2010/01/24 01:59:26 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
[2010/01/24 01:39:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2010/01/24 01:19:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2010/01/24 00:59:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2010/01/24 00:39:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2010/01/24 00:19:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2010/01/23 21:38:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2010/01/23 20:20:38 | 00,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2010/01/23 20:11:56 | 30,909,992 | ---- | C] () -- C:\Documents and Settings\Kelsey\Desktop\avira_antivir_personal_en.exe
[2010/01/23 16:36:41 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2010/01/23 16:16:41 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010/01/23 15:56:40 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2010/01/23 15:46:43 | 00,000,756 | ---- | C] () -- C:\Documents and Settings\Kelsey\Desktop\Internet Security 2010.lnk
[2010/01/23 15:36:39 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2010/01/23 15:36:31 | 00,018,432 | ---- | C] () -- C:\WINDOWS\System32\helper32.dll
[2010/01/23 15:32:18 | 00,000,001 | ---- | C] () -- C:\s
[2010/01/22 14:16:17 | 00,044,032 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\vocab unit 8.doc
[2010/01/05 23:34:48 | 00,020,992 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry9.doc
[2010/01/05 23:20:27 | 00,020,992 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry8.doc
[2010/01/05 22:40:15 | 00,020,992 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry7.doc
[2010/01/05 22:07:12 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry18.doc
[2010/01/05 21:36:40 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry17.doc
[2010/01/05 16:11:28 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry16.doc
[2010/01/05 15:26:49 | 00,291,840 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry15.doc
[2010/01/05 15:08:21 | 00,189,440 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry14.doc
[2010/01/05 15:00:29 | 00,248,320 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry13.doc
[2010/01/05 14:43:26 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry12.doc
[2010/01/05 14:16:59 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry11.doc
[2010/01/05 14:03:26 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry10.doc
[2010/01/04 22:22:03 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry6.doc
[2010/01/04 20:24:03 | 00,301,568 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\Rehugo entry5.doc
[2010/01/04 19:55:25 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry4.doc
[2010/01/04 18:28:04 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry3.doc
[2010/01/04 17:47:42 | 00,070,656 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry2.doc
[2010/01/04 17:15:14 | 00,020,992 | ---- | C] () -- C:\Documents and Settings\Kelsey\My Documents\REHUGO Entry1.doc
[2008/12/08 19:28:43 | 00,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2008/11/24 21:56:15 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008/10/04 17:18:19 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/10/04 16:46:33 | 00,000,129 | ---- | C] () -- C:\Documents and Settings\Kelsey\Local Settings\Application Data\fusioncache.dat
[2008/10/04 16:30:58 | 00,000,164 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2008/10/04 16:30:14 | 00,000,813 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2008/09/26 20:24:23 | 00,012,288 | ---- | C] () -- C:\Documents and Settings\Kelsey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/25 01:13:19 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008/09/24 22:26:01 | 00,007,106 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/09/24 21:31:32 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/09/24 11:01:20 | 00,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2008/09/24 10:50:27 | 00,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2008/09/24 08:51:55 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/07 02:00:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
< End of report >

bafred
Beginner
Posts : 2
Joined : 2010-01-24
OS : Windows Vista


2nd file - extras

Post by bafred on Mon Jan 25, 2010 12:39 am

OTL Extras logfile created on: 1/24/2010 6:17:30 PM - Run 1
OTL by OldTimer - Version 3.1.26.0 Folder = C:\Documents and Settings\Kelsey\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 376.00 Mb Available Physical Memory | 37.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 226.76 Gb Total Space | 191.90 Gb Free Space | 84.63% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SONY
Current User Name: Kelsey
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\Admin\Local Settings\Temp\hp_webrelease_____\setup\HPZnet01.exe" = C:\Documents and Settings\Admin\Local Settings\Temp\hp_webrelease_____\setup\HPZnet01.exe:*:Enabled:hpznet01.exe -- (Hewlett-Packard)
"C:\Documents and Settings\Admin\Local Settings\Temp\hp_webrelease_____\setup\hponicifs01.exe" = C:\Documents and Settings\Admin\Local Settings\Temp\hp_webrelease_____\setup\hponicifs01.exe:*:Enabled:hponicifs01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Documents and Settings\Kelsey\Local Settings\Temp\hp_webrelease____\setup\HPZnet01.exe" = C:\Documents and Settings\Kelsey\Local Settings\Temp\hp_webrelease____\setup\HPZnet01.exe:*:Enabled:hpznet01.exe -- (Hewlett-Packard)
"C:\Documents and Settings\Kelsey\Local Settings\Temp\hp_webrelease____\setup\hponicifs01.exe" = C:\Documents and Settings\Kelsey\Local Settings\Temp\hp_webrelease____\setup\hponicifs01.exe:*:Enabled:hponicifs01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Hp\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Hp\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Hp\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\Hp\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Hp\Digital Imaging\bin\hposid01.exe" = C:\Program Files\Hp\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Hp\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Program Files\Hp\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\Hp\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Hp\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\Hp\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Hp\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\Hp\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Program Files\Hp\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\Hp\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\Hp\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Hp\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\Hp\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- File not found
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCC7F68-A437-4559-A840-F5E010934951}" = HP Driver Diagnostics
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{5D5B9E6A-344C-4976-95AB-ABBDC648E5DA}" = Microsoft IntelliType Pro 5.2
"{64635543-70E7-436D-8D6D-4A721595029E}" = Microsoft IntelliPoint 5.2
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70DECFBF-9119-4434-B2D3-A3C283D15E45}" = WeatherBug
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7CCEBC24-62DB-4280-A8EC-BFA49F167920}" = Software Update for Web Folders
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{7FBD6DC1-919F-45EB-A4FD-C032DD121033}" = Nero 7 Essentials
"{83073C45-3003-4671-9A86-243AAADD915A}" = Microsoft Calculator Plus
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E158BB9-37B9-464B-837E-CC1D5766291B}" = VAIO Update 3
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A385AA5D-4B9C-4BB4-A3D9-8BA006D6E831}" = D-Link Wireless N USB Adapter DWA-130
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B2B30EC0-FB6A-43BB-9B38-0C3B32D75B40}_is1" = Sony Download Taxi 1.5.0.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B43357AA-3A6D-4D94-B56E-43C44D09E548}" = Microsoft .NET Framework (English)
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}" = iTunes
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"AIM Toolbar" = AIM Toolbar
"AIMTunes" = AIMTunes
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"InterActual Player" = InterActual Player
"LimeWire" = LimeWire 5.3.6
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework Full v1.0.3705 (1033)" = Microsoft .NET Framework (English) v1.0.3705
"Mozilla Firefox (3.0.17)" = Mozilla Firefox (3.0.17)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"PCConfidential_is1" = PC Confidential 2008
"Picasa 3" = Picasa 3
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"RegPowerClean_is1" = Winferno Registry Power Cleaner
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/28/2009 10:21:09 PM | Computer Name = SONY | Source = Application Hang | ID = 1002
Description = Hanging application OUTLOOK.EXE, version 11.0.8312.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/4/2009 9:12:45 AM | Computer Name = SONY | Source = Media Center Receiver | ID = 4
Description = TV tuner malfunction. (0x80040275) SMRT TV Tuner

Error - 11/5/2009 6:12:31 PM | Computer Name = SONY | Source = Application Error | ID = 1000
Description = Faulting application hpqste08.exe, version 70.0.170.0, faulting module
ole32.dll, version 5.1.2600.5512, fault address 0x0004d9ca.

Error - 11/7/2009 2:46:00 PM | Computer Name = SONY | Source = Avira AntiVir | ID = 4118
Description = EXCEPTION calling function for the file C:\Documents and Settings\Kelsey\My
Documents\LimeWire\Saved\Keith Urban - I wanna Kiss A Girl.mp3 [ACCESS_VIOLATION
Exception!! EIP = ] Please inform Avira and submit the appropriate file!

Error - 11/10/2009 6:35:05 PM | Computer Name = SONY | Source = Media Center Receiver | ID = 4
Description = TV tuner malfunction. (0x80040275) SMRT TV Tuner

Error - 11/11/2009 3:19:20 PM | Computer Name = SONY | Source = Media Center Receiver | ID = 4
Description = TV tuner malfunction. (0x80040275) SMRT TV Tuner

Error - 11/11/2009 9:23:59 PM | Computer Name = SONY | Source = Media Center Receiver | ID = 4
Description = TV tuner malfunction. (0x80040275) SMRT TV Tuner

Error - 11/16/2009 3:20:20 PM | Computer Name = SONY | Source = Media Center Receiver | ID = 4
Description = TV tuner malfunction. (0x80040275) SMRT TV Tuner

Error - 11/18/2009 9:09:28 PM | Computer Name = SONY | Source = Media Center Receiver | ID = 4
Description = TV tuner malfunction. (0x80040275) SMRT TV Tuner

Error - 11/19/2009 7:45:52 PM | Computer Name = SONY | Source = Media Center Receiver | ID = 4
Description = TV tuner malfunction. (0x80040275) SMRT TV Tuner

[ System Events ]
Error - 1/19/2010 11:53:58 PM | Computer Name = SONY | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
BRAD-PC that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{422BE90A-E1DD-4479-8. The master browser is stopping or an election
is being forced.

Error - 1/23/2010 4:01:23 PM | Computer Name = SONY | Source = Service Control Manager | ID = 7000
Description = The Secdrv service failed to start due to the following error: %%2

Error - 1/23/2010 7:56:05 PM | Computer Name = SONY | Source = Service Control Manager | ID = 7000
Description = The Secdrv service failed to start due to the following error: %%2

Error - 1/23/2010 9:30:12 PM | Computer Name = SONY | Source = Service Control Manager | ID = 7000
Description = The Secdrv service failed to start due to the following error: %%2

Error - 1/23/2010 10:17:32 PM | Computer Name = SONY | Source = Service Control Manager | ID = 7000
Description = The Secdrv service failed to start due to the following error: %%2

Error - 1/23/2010 11:59:12 PM | Computer Name = SONY | Source = Service Control Manager | ID = 7000
Description = The Secdrv service failed to start due to the following error: %%2

Error - 1/24/2010 12:38:31 AM | Computer Name = SONY | Source = Service Control Manager | ID = 7000
Description = The Secdrv service failed to start due to the following error: %%2

Error - 1/24/2010 10:43:53 AM | Computer Name = SONY | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
BRAD-PC that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{422BE90A-E1DD-4479-8. The master browser is stopping or an election
is being forced.

Error - 1/24/2010 7:19:47 PM | Computer Name = SONY | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 1/24/2010 8:16:30 PM | Computer Name = SONY | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.


< End of report >

Thanks for the help.

bafred
Beginner
Posts : 2
Joined : 2010-01-24
OS : Windows Vista


Re: Internet Security 2010 virus help

Post by Belahzur on Mon Jan 25, 2010 1:31 am

Hello.

  • Download combofix from here
    [You must be registered and logged in to see this link.]

    1. If you are using Firefox, make sure that your download settings are as follows:
       * Tools->Options->Main tab
       * Set to "Always ask me where to Save the files".
    2. During the download, rename Combofix to Combo-Fix as follows:
    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts.
  • NOTE: ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    It's strongly recommended to have the Recovery Console installed before doing any malware removal.
    Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.
  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.
  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes
  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
