Antivirus soft

View previous topic View next topic Go down

Antivirus soft

Post by Karla on 15th February 2010, 7:41 am

Please help...I was on facebook and my computer (laptop running windows XP) started going crazy. It says I have Antivirus soft. AVG did not detect it and MBAM is not removing it either. I have run scans with both in safe mode. I can't run anything in regular mode, the antivirus soft says everything is infected. Here is my hijack this log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:31:06 AM, on 2/15/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Administrator\My Documents\winlogon.scr

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [BarbieGirlsTray] C:\Program Files\Mattel\Barbie Girls\Mattel.BarbieGirls.Tray.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ALLTEL Internet Accelerator Client.lnk = C:\Program Files\ALLTEL Communications\ALLTEL Internet Accelerator Client\NGSpawner.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Google Search - [You must be registered and logged in to see this link.] Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - [You must be registered and logged in to see this link.] Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - [You must be registered and logged in to see this link.] Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - [You must be registered and logged in to see this link.] Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O8 - Extra context menu item: Similar Pages - [You must be registered and logged in to see this link.] Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - [You must be registered and logged in to see this link.] Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 8842 bytes

Karla
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-02
Gender Gender : Female
OS OS : XP
Points Points : 27001
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus soft

Post by Belahzur on 15th February 2010, 7:44 pm

Hello.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll



  • Press "Fix Checked"
  • Close Hijack This.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivirus soft

Post by Karla on 16th February 2010, 5:47 am

Here is my MBAM log. I ran MBAM before and it resulted no infections. I'm still in safe mode right now. I'm going to restart my computer in regular mode to see if Antivirus Soft still pops up. I'll post back as soon as I find out.


Malwarebytes' Anti-Malware 1.44
Database version: 3744
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

2/16/2010 12:39:13 AM
mbam-log-2010-02-16 (00-39-13).txt

Scan type: Quick Scan
Objects scanned: 142997
Time elapsed: 6 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Karla
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-02
Gender Gender : Female
OS OS : XP
Points Points : 27001
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus soft

Post by Karla on 16th February 2010, 5:56 am

Just checked, it's still there.

Karla
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-02
Gender Gender : Female
OS OS : XP
Points Points : 27001
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus soft

Post by Belahzur on 16th February 2010, 9:56 pm

Download [You must be registered and logged in to see this link.] by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivirus soft

Post by Karla on 16th February 2010, 10:39 pm

OTL logfile created on: 2/16/2010 5:47:24 PM - Run 2
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Documents and Settings\Administrator\My Documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.00 Mb Total Physical Memory | 262.00 Mb Available Physical Memory | 52.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.72 Gb Total Space | 33.31 Gb Free Space | 63.19% Space Free | Partition Type: NTFS
Drive D: | 18.25 Gb Total Space | 18.18 Gb Free Space | 99.60% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BENNETTFAMILY
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/02/16 17:29:18 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\OTL.exe
PRC - [2010/02/13 12:07:57 | 001,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/02/16 17:29:18 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\OTL.exe
MOD - [2009/11/21 10:51:04 | 000,471,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\aclayers.dll
MOD - [2008/04/13 19:12:05 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2008/04/13 19:11:56 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/02/14 02:08:07 | 000,135,664 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)
SRV - [2010/02/14 01:22:49 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2010/02/13 12:07:41 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/06/20 05:28:55 | 000,537,264 | ---- | M] ( ) [Auto | Stopped] -- C:\WINDOWS\System32\lxcycoms.exe -- (lxcy_device)
SRV - [2007/03/07 14:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/12/14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/04/06 14:57:54 | 000,380,928 | ---- | M] (Dell Inc.) [Auto | Stopped] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2005/12/19 15:08:42 | 000,018,944 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/05/04 00:04:28 | 009,150,464 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe -- (MSSQL$MICROSOFTSMLBIZ)
SRV - [2005/05/03 21:42:56 | 000,323,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE -- (SQLAgent$MICROSOFTSMLBIZ)
SRV - [2004/05/24 11:35:52 | 000,322,104 | ---- | M] (Eastman Kodak Company) [Auto | Stopped] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
SRV - [2003/07/28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2010/02/13 12:08:39 | 000,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/02/13 12:08:30 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/02/13 12:08:28 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/02/21 09:08:54 | 000,038,656 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt9052.sys -- (SQTECH9052)
DRV - [2007/11/13 05:25:53 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/05/18 10:41:30 | 000,037,760 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2007/02/08 19:28:42 | 000,101,280 | ---- | M] (Kyocera Wireless Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kwusbnt.sys -- (kwkpcusb)
DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/03/30 14:50:24 | 000,093,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2006/03/30 14:50:22 | 000,008,272 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2006/03/30 14:50:20 | 000,058,352 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2006/03/24 23:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/03/08 18:35:10 | 000,191,872 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005/11/02 19:24:34 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/10/14 21:15:18 | 001,302,812 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/05 03:32:16 | 000,045,312 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/07/22 03:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 03:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 03:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/04/25 02:03:00 | 000,020,640 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2004/12/06 01:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/12/06 01:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/12/06 01:05:00 | 000,086,586 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/12/06 01:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/12/06 01:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/12/06 01:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/12/06 01:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/12/06 01:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/12/06 01:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/12/01 03:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 02:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/08/04 05:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/04 05:00:00 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/07/14 11:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 11:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/06/02 12:19:00 | 000,038,705 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DCFS2k.sys -- (DCFS2K)
DRV - [2004/06/02 12:17:56 | 000,151,985 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ExportIt.sys -- (Exportit)
DRV - [2004/05/20 07:45:20 | 000,068,950 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcPtp.sys -- (DcPTP)
DRV - [2004/05/20 07:41:54 | 000,061,564 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcFpoint.sys -- (DcFpoint)
DRV - [2004/05/20 07:39:42 | 000,008,022 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcLps.sys -- (DcLps)
DRV - [2004/05/20 07:21:10 | 000,036,918 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DcCam.sys -- (DcCam)
DRV - [2004/03/17 03:04:14 | 000,013,059 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 12:12:10 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

FF - HKLM\software\mozilla\Firefox\Extensions\\{A2EBD830-E422-4579-BF80-A577C34B9B73}: C:\Documents and Settings\Karla\Local Settings\Application Data\{A2EBD830-E422-4579-BF80-A577C34B9B73}


O1 HOSTS File: ([2009/08/02 17:17:32 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [BarbieGirlsTray] C:\Program Files\Mattel\Barbie Girls\Mattel.BarbieGirls.Tray.exe ()
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [DVDLauncher] C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 3400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe ()
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LXCYCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcymon.exe] C:\Program Files\Lexmark 3400 Series\lxcymon.exe ()
O4 - HKLM..\Run: [MimBoot] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mimboot.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netwaiting.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ALLTEL Internet Accelerator Client.lnk = C:\Program Files\ALLTEL Communications\ALLTEL Internet Accelerator Client\NGSpawner.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKLM\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [You must be registered and logged in to see this link.] (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0_06)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0_06)
O16 - DPF: Microsoft XML Parser for Java [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/02/16 17:29:05 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\OTL.exe
[2010/02/16 00:30:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\backups
[2010/02/15 16:27:38 | 000,407,680 | ---- | C] (ALWIL Software) -- C:\Documents and Settings\Administrator\My Documents\aswclnr.exe
[2010/02/15 14:36:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/02/15 14:36:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
[2010/02/15 02:30:26 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Administrator\My Documents\winlogon.scr
[2010/02/15 00:48:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/02/15 00:39:53 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/02/15 00:39:53 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/02/15 00:39:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/02/15 00:39:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/02/15 00:33:27 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF20032.exe
[2010/02/15 00:33:27 | 000,000,000 | ---D | C] -- C:\Combo-Fix
[2010/02/14 22:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2010/02/14 17:40:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2010/02/14 00:53:25 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2010/02/13 12:08:55 | 000,000,000 | ---D | C] -- C:\$AVG
[2010/02/13 12:08:40 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/02/13 12:08:38 | 000,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/02/13 12:08:30 | 000,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/02/13 12:08:28 | 000,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/02/13 12:08:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2010/02/13 12:08:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/02/13 12:07:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/02/13 06:59:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/02/13 06:59:41 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/02/13 06:59:28 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/02/13 06:58:29 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010/02/13 06:58:29 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010/02/13 06:58:29 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/02/13 06:58:29 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010/02/13 06:58:28 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/02/13 06:58:28 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010/02/13 06:58:27 | 000,000,000 | ---D | C] -- C:\c86a58b0cea6f3067c
[2010/02/13 01:58:01 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010/02/12 21:39:50 | 000,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Defrag
[2010/02/12 21:35:28 | 000,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Cleaner
[2009/07/29 12:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/07/29 11:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2008/06/17 13:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Yahoo!
[2008/06/17 13:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Google
[2007/12/12 23:03:20 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyhcp.dll
[2007/04/04 10:40:29 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcypmui.dll
[2007/04/04 10:39:21 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyserv.dll
[2007/04/04 10:34:13 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycomm.dll
[2007/04/04 10:32:49 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcylmpm.dll
[2007/04/04 10:31:38 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyiesc.dll
[2007/04/04 10:29:29 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcypplc.dll
[2007/04/04 10:28:42 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycomc.dll
[2007/04/04 10:28:11 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyprox.dll
[2007/04/04 10:22:25 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyinpa.dll
[2007/04/04 10:21:51 | 000,995,328 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyusb1.dll
[2007/04/04 10:18:18 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyhbn3.dll
[2006/10/19 19:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/02/16 17:46:08 | 001,048,576 | ---- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010/02/16 17:29:18 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\OTL.exe
[2010/02/16 15:57:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/02/16 14:25:55 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/02/16 14:25:53 | 004,240,656 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/02/16 00:47:24 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/02/16 00:45:09 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/02/16 00:44:35 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/15 21:48:02 | 001,982,464 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2010/02/15 21:48:02 | 001,508,352 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2010/02/15 16:27:45 | 000,407,680 | ---- | M] (ALWIL Software) -- C:\Documents and Settings\Administrator\My Documents\aswclnr.exe
[2010/02/15 13:43:54 | 000,316,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/15 02:30:47 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Administrator\My Documents\winlogon.scr
[2010/02/15 00:46:10 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/02/15 00:33:21 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF20032.exe
[2010/02/15 00:14:01 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{471F9B2B-17C1-49B1-B63E-4A4AFF139DDA}.job
[2010/02/15 00:13:02 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/02/14 22:38:11 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/02/14 22:01:03 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/02/14 17:39:37 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/02/14 17:26:24 | 055,595,572 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/02/14 03:14:51 | 000,000,690 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/13 16:53:20 | 000,550,362 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/02/13 16:53:20 | 000,460,864 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/02/13 16:53:20 | 000,079,886 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/02/13 13:04:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/02/13 12:51:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/02/13 12:08:41 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2010/02/13 12:08:40 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/02/13 12:08:39 | 000,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/02/13 12:08:30 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/02/13 12:08:28 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/02/13 12:08:28 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/02/13 12:08:11 | 006,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2010/02/13 12:08:11 | 000,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2010/02/13 12:08:11 | 000,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/02/15 00:40:35 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/02/14 17:39:37 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/02/14 02:08:37 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/02/14 02:08:36 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/14 00:53:35 | 000,000,234 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/02/13 12:08:41 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2010/02/13 12:08:27 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/02/13 12:08:11 | 055,595,572 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/02/13 12:08:11 | 000,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2010/02/13 12:08:11 | 000,142,495 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2010/02/13 12:08:10 | 006,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/08/02 17:02:07 | 000,003,293 | ---- | C] () -- C:\WINDOWS\uretacok.dll
[2009/08/02 16:39:08 | 000,003,085 | ---- | C] () -- C:\WINDOWS\ufanimifi.dll
[2009/08/02 15:57:28 | 000,003,205 | ---- | C] () -- C:\WINDOWS\umatebiw.dll
[2009/08/02 14:37:45 | 000,003,237 | ---- | C] () -- C:\WINDOWS\ewururulipizul.dll
[2009/08/02 14:16:18 | 000,003,237 | ---- | C] () -- C:\WINDOWS\udiqamalanun.dll
[2009/08/02 12:01:37 | 000,003,237 | ---- | C] () -- C:\WINDOWS\elanacuroneceki.dll
[2009/08/02 11:44:27 | 000,003,213 | ---- | C] () -- C:\WINDOWS\imifihufehoriqo.dll
[2009/07/31 19:17:55 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009/07/31 19:17:55 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar3.dll
[2009/07/31 19:17:55 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009/07/31 19:17:55 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009/07/31 00:12:04 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2009/07/30 23:05:19 | 000,012,875 | ---- | C] () -- C:\Program Files\Common Files\vegugazenu.bin
[2009/07/30 23:05:19 | 000,011,749 | ---- | C] () -- C:\WINDOWS\System32\ynudifo.dll
[2009/07/30 23:05:18 | 000,016,391 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xiry.scr
[2009/07/27 18:01:05 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/08/15 22:35:31 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2008/08/15 22:35:31 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2008/07/19 15:00:49 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2008/07/19 15:00:49 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2008/07/19 14:59:58 | 000,001,008 | ---- | C] () -- C:\WINDOWS\disney.ini
[2008/02/18 15:47:02 | 000,081,920 | ---- | C] () -- C:\WINDOWS\dlib.dll
[2008/02/18 15:47:01 | 000,405,588 | ---- | C] () -- C:\WINDOWS\System32\vc6-stlport-re300l.dll
[2008/01/09 22:00:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DcmLtBox-WS.ini
[2008/01/09 21:59:53 | 000,000,276 | ---- | C] () -- C:\WINDOWS\DcmLtbox.ini
[2007/12/12 23:05:07 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL
[2007/12/12 23:05:07 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL
[2007/12/12 23:03:20 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\lxcyinst.dll
[2007/12/12 23:02:31 | 000,344,064 | R--- | C] () -- C:\WINDOWS\System32\lxcycoin.dll
[2007/10/10 08:19:35 | 000,000,218 | ---- | C] () -- C:\WINDOWS\Sierra.ini
[2007/09/15 03:19:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/10/21 23:55:42 | 000,000,555 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2006/10/19 19:06:59 | 000,003,766 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/10/19 19:06:59 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\FFFF2D601C.sys
[2006/09/12 05:12:12 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/12 05:05:16 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/12 04:54:30 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/09/12 04:50:56 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/09/12 04:48:45 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006/09/12 04:22:34 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006/09/12 04:22:30 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006/09/12 04:22:20 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/08/14 16:07:04 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxcycaps.dll
[2006/08/08 14:58:04 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxcydrs.dll
[2006/03/23 03:33:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcyvs.dll
[2006/01/25 17:11:04 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxcycnv4.dll
[2005/01/28 08:08:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 13:12:05 | 000,000,888 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 13:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 12:51:35 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2004/08/10 12:51:35 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2004/08/10 12:51:35 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2004/08/10 12:51:35 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2004/08/10 12:51:35 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2000/09/08 16:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
[1997/11/10 14:18:48 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >

Karla
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-02
Gender Gender : Female
OS OS : XP
Points Points : 27001
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus soft

Post by Karla on 16th February 2010, 11:00 pm

OTL Extras logfile created on: 2/16/2010 5:47:24 PM - Run 2
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Documents and Settings\Administrator\My Documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.00 Mb Total Physical Memory | 262.00 Mb Available Physical Memory | 52.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.72 Gb Total Space | 33.31 Gb Free Space | 63.19% Space Free | Partition Type: NTFS
Drive D: | 18.25 Gb Total Space | 18.18 Gb Free Space | 99.60% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BENNETTFAMILY
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"9999:TCP" = 9999:TCP:LocalSubNet:Disabled:DNA
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\lxcycoms.exe" = C:\WINDOWS\system32\lxcycoms.exe:*:Enabled:Lexmark Communications System -- ( )
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater -- ()
"C:\Program Files\Blubster\blubster.exe" = C:\Program Files\Blubster\blubster.exe:*:Disabled:Blubster -- (MP2P Technologies.)
"C:\Program Files\ALLTEL Communications\ALLTEL Internet Accelerator Client\NettGain1200_C.exe" = C:\Program Files\ALLTEL Communications\ALLTEL Internet Accelerator Client\NettGain1200_C.exe:*:Disabled:NettGain1100_C -- (Flash Networks)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\MySpace\IM\MySpaceIM.exe" = C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{16B18999-56D7-4E8F-A40C-385E68A6D0CD}" = Barbie Girls
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B15D991-5619-4BC1-B71E-3DE793B792FC}" = ArcSoft MediaConverter 2
"{209AE7EF-DEBA-46D1-BB51-E3942386B4E5}" = Kyocera Wireless USB Driver for Data Cards
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{32AD1A7A-25F1-44B9-A396-EA8A4A6605B0}" = Search Settings 1.1
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38441BE7-79B0-42B8-8297-833704F949FE}" = HLPIndex
"{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}" = OTtBPSDK
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{469730CC-78DF-4CD3-B286-562D459EA619}" = ESSCAM
"{48C82F7A-F100-4DAB-A310-8E18BF2159E1}" = ESSvpot
"{4F677FC7-7AA8-412B-A957-F13CBE1C7331}" = ESSSONIC
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{598D99F7-B97C-424F-B899-69B339336411}" = Disney Micro
"{5F87EF36-A373-11D5-AA2E-0008C760B784}" =
"{65D85050-5610-4A91-A3B1-D5C744291AD4}" = PCDADDIN
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{69BD6399-3D8F-45B7-81D9-819361F5101D}" = PCDLNCH
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6FA04597-5F3E-4CB0-9091-09C54E0AA0ED}" = TXPCM10001 Driver
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7AE58266-B58D-44D8-A0CB-E83F01B67C6B}" = Disney Pix Micro Downloader
"{7CE979C6-E5FF-41C5-B6CC-4EE18071563B}" = SierraAddressBook 3.0
"{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}" = Macromedia Shockwave Player
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = DB CIF Cam
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8A9B8148-DDD7-448F-BD6C-358386D32354}" = Corel Photo Album 6
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}" = CCHelp
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}" = SFR2
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}" = ESSvpaht
"{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
"{A6F18A67-B771-4191-8A33-36D2E742D6D9}" = ESSANUP
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADAC983-FDE9-42FA-8FD9-7BB324155593}" = HLPRFO
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}" = Dell Media Experience
"{AC76BA86-7AD7-1033-7B44-A70800000002}" = Adobe Reader 7.0.8
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B702CCCE-3176-4DBF-B932-D1B8F402F330}" = Digital Content Portal
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BA68600E-96D9-4E92-80F2-26B9681B5A63}" = Microsoft Office Outlook 2003 with Business Contact Manager Update
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}" = SFR
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C99DCDA4-7407-4F72-A77E-C81C551D0C4E}" = PCDHELP
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}" = ESSAdpt
"{D2023740-9AAC-11D4-B54D-006008571948}" = Pac-Man Adventures in Time
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{DD1DDD99-D225-40CD-9433-44667C7ABD3F}" = Disney Pix 2.2
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AVG9Uninstall" = AVG Free 9.0
"Blubster" = Blubster 2.6.9
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Diner Dash" = Diner Dash
"Diner Dash - Flo on the Go" = Diner Dash - Flo on the Go
"DirectXMediaRuntime" = DirectX Media Runtime 5.1
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"Eusing Free Registry Defrag" = Eusing Free Registry Defrag
"GameHouse Sudoku" = GameHouse Sudoku
"Google Desktop" = Google Desktop
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{16B18999-56D7-4E8F-A40C-385E68A6D0CD}" = Barbie Girls
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"InterActual Player" = InterActual Player
"Lexmark 3400 Series" = Lexmark 3400 Series
"Lexmark Fax Solutions" = Lexmark Fax Solutions
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MySpaceIM" = MySpaceIM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Plantasia" = Plantasia
"QuickLink PhoneManager" = QuickLink PhoneManager
"QuickTime" = QuickTime
"QuicktimePluginDeinstallKey" = Quicktime Browser Plug-In
"SearchAssist" = SearchAssist
"Sorry" = Sorry
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Virtual Villagers - A New Home" = Virtual Villagers - A New Home (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/12/2010 10:07:37 PM | Computer Name = BENNETTFAMILY | Source = Application Error | ID = 1000
Description = Faulting application avgnsx.exe, version 8.5.0.316, faulting module
ntdll.dll, version 5.1.2600.5755, fault address 0x000101b3.

Error - 2/12/2010 10:08:02 PM | Computer Name = BENNETTFAMILY | Source = Application Error | ID = 1000
Description = Faulting application avgnsx.exe, version 8.5.0.316, faulting module
ntdll.dll, version 5.1.2600.5755, fault address 0x000101b3.

Error - 2/12/2010 10:09:24 PM | Computer Name = BENNETTFAMILY | Source = Application Error | ID = 1000
Description = Faulting application avgnsx.exe, version 8.5.0.316, faulting module
ntdll.dll, version 5.1.2600.5755, fault address 0x000101b3.

Error - 2/12/2010 10:09:52 PM | Computer Name = BENNETTFAMILY | Source = Application Error | ID = 1000
Description = Faulting application avgnsx.exe, version 8.5.0.316, faulting module
ntdll.dll, version 5.1.2600.5755, fault address 0x000101b3.

Error - 2/12/2010 10:11:16 PM | Computer Name = BENNETTFAMILY | Source = Application Error | ID = 1000
Description = Faulting application avgnsx.exe, version 8.5.0.316, faulting module
ntdll.dll, version 5.1.2600.5755, fault address 0x000101b3.

Error - 2/14/2010 1:54:28 AM | Computer Name = BENNETTFAMILY | Source = ESENT | ID = 490
Description = svchost (1116) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).

Error - 2/14/2010 1:54:28 AM | Computer Name = BENNETTFAMILY | Source = ESENT | ID = 470
Description = Catalog Database (1116) Database C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
is partially attached. Attachment stage: 3. Error: -1032.

Error - 2/14/2010 3:08:28 AM | Computer Name = BENNETTFAMILY | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/14/2010 3:08:30 AM | Computer Name = BENNETTFAMILY | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/14/2010 3:22:10 AM | Computer Name = BENNETTFAMILY | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 2/16/2010 3:25:54 PM | Computer Name = BENNETTFAMILY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2/16/2010 4:57:51 PM | Computer Name = BENNETTFAMILY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2/16/2010 4:59:01 PM | Computer Name = BENNETTFAMILY | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
APPDRV AvgLdx86 AvgMfx86 Fips intelppm

Error - 2/16/2010 6:37:01 PM | Computer Name = BENNETTFAMILY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 2/16/2010 6:37:04 PM | Computer Name = BENNETTFAMILY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 2/16/2010 6:37:04 PM | Computer Name = BENNETTFAMILY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 2/16/2010 6:41:15 PM | Computer Name = BENNETTFAMILY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 2/16/2010 6:42:23 PM | Computer Name = BENNETTFAMILY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 2/16/2010 6:42:32 PM | Computer Name = BENNETTFAMILY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 2/16/2010 6:46:34 PM | Computer Name = BENNETTFAMILY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}


< End of report >

Karla
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-02
Gender Gender : Female
OS OS : XP
Points Points : 27001
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus soft

Post by Belahzur on 17th February 2010, 9:13 pm

Hello.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Ask Toolbar
    J2SE Runtime Environment 5.0 Update 6
    Search Settings 1.1

Next,

  1. Please download AskRemover from [You must be registered and logged in to see this link.]
  2. Extract the zip file to your Desktop, then run AskRemover.bat
  3. Allow it to run, and select yes to the registry merge warning.
  4. Copy and paste the resulting log in your next post.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivirus soft

Post by Karla on 17th February 2010, 11:30 pm

At first the Antivirus Soft demo would not let me uninstall the programs in regular mode. It would say the programs were infected and start trying to scan my computer. I tried over and over closing it every time and then I right clicked on it to close. The message popped up that the program was not responding so I clicked on end now. I was then able to uninstall J2SE Runtime Environment 5.0 Update 6.
I recieved the following messages when trying to uninstall the other two:

Ask Toolbar: Error 1316.A network error occured while attempting to read from the file C:\WINDOWS\Installer\AskToolbar.msi
Then: Fatal Error occured during installation.
Search Settings 1.1: Error 1316.A network error occured while attempting to read from the file C:\WINDOWS\Installer\SearchSettings.msi
Then: Fatal Error occured during installation.

When I try to uninstall in safe mode I recieve the following message:
The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

I was not certain if I should continue with your instructions to download the AskRemover without removing these programs first, so I have not done this yet.

Karla
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-02
Gender Gender : Female
OS OS : XP
Points Points : 27001
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus soft

Post by Belahzur on 19th February 2010, 12:05 am

Yes, continue with my instructions please.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivirus soft

Post by Karla on 19th February 2010, 3:18 am

Ask Remover Version 1.1 - Written by Belahzur

The current time and date is 22:11:52.84 Thu 02/18/2010

Microsoft Windows XP [Version 5.1.2600]


==== STARTING CHECK ====
C:\Program Files\Ask.com has been found!

==== Starting removal of Ask ====
C:\Program Files\Ask.com Deleted.

Applying removal of Ask Toolbar registry keys.

==== REGISTRY DUMP ====

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main
Start Page REG_SZ [You must be registered and logged in to see this link.]


! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main


! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main


! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
Default_Search_URL REG_SZ http://go.microsoft.com/fwlink/?LinkId=54896


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
Default_Page_URL REG_SZ http://go.microsoft.com/fwlink/?LinkId=69157


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
Start Page REG_SZ http://www.google.com


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main

*** The above keys may not need fixing ***

==== FINAL CHECK ====

==== EOF ====

Karla
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-02
Gender Gender : Female
OS OS : XP
Points Points : 27001
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus soft

Post by Karla on 19th February 2010, 3:44 am

After running your AskRemover program, I restarted my computer and let it load. The Antivirus Soft Demo DID NOT load along with the rest of my programs (YAY!). I checked in the program list and the Ask Toolbar is still there so I tried uninstalling it and Search Settings 1.1 again and I still get the same messages.

Karla
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-02
Gender Gender : Female
OS OS : XP
Points Points : 27001
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus soft

Post by Belahzur on 19th February 2010, 11:53 pm

Hello.

Please download Revo Uninstall from here: [You must be registered and logged in to see this link.]

  1. Download and run the setup file for Revo Uninstaller.
  2. Once setup, run Revo Uninstaller.
  3. Select the items I listed.
  4. Then hit the "Uninstall" button at the top.
  5. Close Revo Uninstaller.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivirus soft

Post by Karla on 20th February 2010, 7:19 pm

Think that done it...They're gone. Computer is running fine now. Thank You!

Karla
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-02
Gender Gender : Female
OS OS : XP
Points Points : 27001
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Antivirus soft

Post by Belahzur on 20th February 2010, 8:26 pm

Hello.

To remove all of the tools we used and the files and folders they created do the following:
Double click OTL.exe.

  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Antivirus soft

Post by Karla on 21st February 2010, 1:38 am

My computer is running great! Thank you so much, you're awesome!

Karla
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-08-02
Gender Gender : Female
OS OS : XP
Points Points : 27001
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum