Bank Information - could they have it?
- celda (Novice)
OS : windows xp
Posts : 37
Rubies : 3547
Likes : 0
That KOOBFACE VIRUS
Hi, it appears that the virus is gone as I did a system restore - it did successfully restore and nothing is popping up etc. as before.
But I heard that people now could have my ONLINE banking information, is this true? And if so, what should I do? Change online passwords with bank?
- Belahzur (Site Admin)
OS : 7 Home Premium x64
Posts : 34948
Rubies : 218217
Likes : 18
Download OTL by OldTimer to your Desktop.
- Close all windows and double click OTL.exe
- Click Run Scan and let the program run uninterrupted
- It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
- You may need to use two posts to get it all.
Site Admin / Security Administrator
[Prework] - Please PM me if I fail to respond within 24hrs.


- celda (Novice)
OK, am doing that now... will add it when it is done... THANK YOU!
- celda (Novice)
OTL logfile created on: 03/25/2010 01:01:48 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Celeste\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18372)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy
510.00 Mb Total Physical Memory | 105.00 Mb Available Physical Memory | 21.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.46 Gb Total Space | 30.16 Gb Free Space | 42.21% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: D2K6VLB1
Current User Name: Celeste
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010/03/25 12:46:16 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Celeste\Desktop\OTL.exe
PRC - [2010/03/13 09:02:37 | 002,059,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/03/13 09:02:33 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/03/13 09:02:32 | 000,617,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/03/13 09:02:28 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/03/13 09:01:32 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/03/13 09:01:30 | 001,086,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2007/06/13 03:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/15 10:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2005/10/05 01:12:00 | 000,094,208 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe
PRC - [2005/06/10 08:44:02 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004/10/14 17:42:54 | 001,404,928 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2004/08/04 03:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\savedump.exe
PRC - [2004/04/14 13:46:50 | 000,057,393 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
========== Modules (SafeList) ==========
MOD - [2010/03/25 12:46:16 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Celeste\Desktop\OTL.exe
MOD - [2006/08/25 08:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/03/13 09:02:28 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/10/14 09:45:26 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2009/08/05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2007/03/07 14:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
========== Driver Services (SafeList) ==========
DRV - [2010/03/13 09:02:36 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/03/13 09:02:32 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/03/13 09:01:32 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/08/05 23:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/05/09 02:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2007/03/20 12:33:26 | 000,028,672 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\libusb0.sys -- (libusb0)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/10 01:26:28 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2004/09/17 12:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/08/03 21:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/03 21:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/08/03 20:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2001/11/05 13:54:38 | 000,014,182 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\icm10blk.sys -- (icm10blk) Intel(r)
DRV - [2001/11/05 13:54:14 | 000,420,870 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ICM10USB.sys -- (ICM10USB) Intel(r)
DRV - [2001/08/17 12:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 12:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 12:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 12:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 12:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 11:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 11:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 11:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 11:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 11:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 11:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 11:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 11:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 11:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 11:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.ca/ig/dell?hl=en&client=dell-row&channel=ca
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.ca/ig/dell?hl=en&client=dell-row&channel=ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.ca/ig/dell?hl=en&client=dell-row&channel=ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2452474
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\..\URLSearchHook: {bc04b34e-5dd8-465a-a5e0-86f7c11bc009} - C:\Program Files\Games_Bar_1\tbGame.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
[2009/08/07 23:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Celeste\Application Data\Mozilla\Extensions
[2009/02/09 12:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Celeste\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2009/08/07 23:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Celeste\Application Data\Mozilla\Firefox\Profiles\u46ghws6.default\extensions
[2009/08/07 23:41:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
Hosts file not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Games Bar 1 Toolbar) - {bc04b34e-5dd8-465a-a5e0-86f7c11bc009} - C:\Program Files\Games_Bar_1\tbGame.dll (Conduit Ltd.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Games Bar 1 Toolbar) - {bc04b34e-5dd8-465a-a5e0-86f7c11bc009} - C:\Program Files\Games_Bar_1\tbGame.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Games Bar 1 Toolbar) - {BC04B34E-5DD8-465A-A5E0-86F7C11BC009} - C:\Program Files\Games_Bar_1\tbGame.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINDOWS\System32\Adobe\Shockwave 11\SwHelper_1150595.exe -Update -1150595 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident\4.0; File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: LoadLink.ca ([LoadLinkNet] http in Trusted sites)
O15 - HKCU\..Trusted Domains: 3sixty.ca ([www] * in Trusted sites)
O15 - HKCU\..Trusted Domains: http; ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: loadlink.ca ([www] * in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Family%20Feud%202/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Family%20Feud%202/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.popcap.com/webgames/popcaploader_v10.cab (PopCapLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} https://secure.gopetslive.com/dev/GoPetsWeb.cab (GoPetsWeb Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Celeste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Celeste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 11:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{69a1d6b4-0f08-11de-b630-001676afe5e8}\Shell\Auto\command - "" = F:\autorun.bat -- File not found
O33 - MountPoints2\{69a1d6b4-0f08-11de-b630-001676afe5e8}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{69a1d6b4-0f08-11de-b630-001676afe5e8}\Shell\explore\Command - "" = F:\autorun.bat -- File not found
O33 - MountPoints2\{e6b6325e-6d5c-11de-b666-001676afe5e8}\Shell\Auto\command - "" = F:\launcher.exe -- File not found
O33 - MountPoints2\{e6b6325e-6d5c-11de-b666-001676afe5e8}\Shell\AutoRun - "" = Auto&Play
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/03/25 12:57:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/03/25 12:46:11 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Celeste\Desktop\OTL.exe
[2010/03/25 12:29:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/03/25 12:28:14 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/03/25 12:21:35 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Celeste\My Documents\TFC.exe
[2010/03/25 11:15:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Celeste\Recent
[2010/03/25 11:05:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Celeste\Local Settings\Application Data\Games_Bar_1
[2010/03/25 11:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Games_Bar_1
[2010/03/25 11:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/03/25 11:05:06 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010/03/25 11:04:43 | 000,000,000 | ---D | C] -- C:\Program Files\Sun
[2010/03/25 10:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/03/25 10:25:07 | 000,000,000 | ---D | C] -- C:\Program Files\Sun(2)
[2010/03/21 16:00:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Celeste\Local Settings\Application Data\Conduit
[2010/03/18 21:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/03/18 17:41:58 | 000,016,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/03/18 17:40:18 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010/03/18 17:35:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010/03/18 15:39:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Celeste\Saved Games
[2010/03/18 15:39:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Celeste\Local Settings\Application Data\Oberon Games
[2010/03/13 09:02:32 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/03/09 21:19:25 | 003,555,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2009/12/22 10:45:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/12/22 10:45:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/12/22 10:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/11/27 16:39:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\F-Secure
[2009/08/16 20:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/08/16 19:59:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/02/16 12:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
========== Files - Modified Within 30 Days ==========
[2010/03/25 12:58:13 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/03/25 12:57:42 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/25 12:57:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/25 12:46:16 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Celeste\Desktop\OTL.exe
[2010/03/25 12:41:03 | 009,445,376 | ---- | M] () -- C:\Documents and Settings\Celeste\ntuser.dat
[2010/03/25 12:41:03 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Celeste\ntuser.ini
[2010/03/25 12:28:18 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Celeste\Desktop\ERUNT.lnk
[2010/03/25 12:21:51 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Celeste\My Documents\TFC.exe
[2010/03/25 11:17:02 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010/03/25 11:15:06 | 057,693,111 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/03/25 11:07:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/25 10:29:22 | 000,000,001 | ---- | M] () -- C:\WINDOWS\lgo
[2010/03/25 10:29:03 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\01011201014610499.xxe
[2010/03/25 08:10:39 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\010112010146114101.xxe
[2010/03/25 08:10:37 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\010112010146111103.xxe
[2010/03/25 08:10:34 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\01011201014650115.xxe
[2010/03/25 05:17:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010/03/24 23:17:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2010/03/24 17:17:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2010/03/22 17:17:01 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/03/22 13:00:09 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/03/21 19:56:15 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/03/19 14:25:00 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\Celeste\Desktop\Windows Media Player.lnk
[2010/03/18 21:04:50 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/03/18 21:04:50 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/03/18 21:02:15 | 006,945,704 | -H-- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\IconCache.db
[2010/03/18 17:41:07 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/03/18 17:37:52 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/03/18 17:35:12 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/03/18 15:39:14 | 000,001,694 | ---- | M] () -- C:\Documents and Settings\Celeste\Desktop\Bubbletown.lnk
[2010/03/18 15:39:14 | 000,001,140 | ---- | M] () -- C:\Documents and Settings\Celeste\Desktop\MSN Games.lnk
[2010/03/16 10:24:34 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\Celeste\My Documents\Celeste Resume.doc
[2010/03/14 09:24:12 | 000,570,254 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/14 09:24:12 | 000,475,050 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/14 09:24:12 | 000,085,162 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/13 09:02:36 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/03/13 09:02:32 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/03/13 09:02:32 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/03/13 09:01:32 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/03/12 12:04:36 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Celeste\My Documents\To Whom It May Concern.doc
[2010/03/02 17:05:57 | 000,121,344 | ---- | M] () -- C:\Documents and Settings\Celeste\My Documents\Top of Form.doc
[2010/02/23 13:43:48 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
========== Files Created - No Company Name ==========
[2010/03/25 12:28:18 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Celeste\Desktop\ERUNT.lnk
[2010/03/25 10:29:03 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\01011201014610499.xxe
[2010/03/25 08:26:42 | 000,000,001 | ---- | C] () -- C:\WINDOWS\lgo
[2010/03/25 08:10:39 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\010112010146114101.xxe
[2010/03/25 08:10:37 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\010112010146111103.xxe
[2010/03/25 08:10:34 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\01011201014650115.xxe
[2010/03/22 17:51:13 | 009,445,376 | ---- | C] () -- C:\Documents and Settings\Celeste\ntuser.dat
[2010/03/18 17:42:09 | 000,764,868 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apph_sp.sdb
[2010/03/18 17:42:09 | 000,217,118 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apphelp.sdb
[2010/03/18 17:35:12 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/03/18 15:39:14 | 000,001,694 | ---- | C] () -- C:\Documents and Settings\Celeste\Desktop\Bubbletown.lnk
[2010/03/18 15:39:14 | 000,001,140 | ---- | C] () -- C:\Documents and Settings\Celeste\Desktop\MSN Games.lnk
[2010/03/16 10:24:34 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\Celeste\My Documents\Celeste Resume.doc
[2010/03/12 12:04:35 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Celeste\My Documents\To Whom It May Concern.doc
[2010/03/02 17:04:14 | 000,121,344 | ---- | C] () -- C:\Documents and Settings\Celeste\My Documents\Top of Form.doc
[2010/02/11 05:30:12 | 000,192,704 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/06/08 22:06:14 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Celeste\Application Data\$_hpcst$.hpc
[2009/03/24 06:46:44 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Celeste\Application Data\PFP120JPR.{PB
[2009/03/24 06:46:44 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Celeste\Application Data\PFP120JCM.{PB
[2009/02/09 07:01:22 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\fusioncache.dat
[2009/02/08 18:13:59 | 000,000,050 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009/02/08 18:02:01 | 000,000,426 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2009/02/08 18:02:01 | 000,000,209 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2009/02/08 18:02:01 | 000,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2009/02/08 18:02:01 | 000,000,052 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009/02/08 18:01:40 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2009/02/08 17:59:09 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009/02/08 16:06:23 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/02/08 11:33:12 | 000,057,856 | ---- | C] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/08 11:08:02 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/08/10 01:37:13 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/10 01:08:12 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2006/08/10 01:08:10 | 000,000,493 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/10/27 13:14:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 11:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 11:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2002/03/04 09:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[1999/01/22 03:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== Alternate Data Streams ==========
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5466F106
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CE7C61DF
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6A5004EB
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CF5C4195
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2CFBE2D1
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B7A22351
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5E196FE2
< End of report >
- celdaNovice
-
OS : windows xp
Posts : 37
Rubies : 3547
Likes : 0
OTL Extras logfile created on: 03/25/2010 01:01:48 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Celeste\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18372)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy
510.00 Mb Total Physical Memory | 105.00 Mb Available Physical Memory | 21.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.46 Gb Total Space | 30.16 Gb Free Space | 42.21% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: D2K6VLB1
Current User Name: Celeste
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\IncrediMail\bin\ImApp.exe" = C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\TransCore Link Logistics Corporation\LoadLink Net Start\LoadLinkNetStart.exe" = C:\Program Files\TransCore Link Logistics Corporation\LoadLink Net Start\LoadLinkNetStart.exe:*:Enabled:LoadLink Net Start -- ( )
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager -- File not found
"C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi -- File not found
"C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin -- File not found
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- File not found
"C:\Documents and Settings\Celeste\Local Settings\Temp\7zS2C.tmp\SymNRT.exe" = C:\Documents and Settings\Celeste\Local Settings\Temp\7zS2C.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}" = Intel(R) PROSet for Wired Connections
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{32A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java(TM) SE Development Kit 6 Update 17
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{676B241C-AED4-400B-98FF-267773B94B11}_is1" = QuickFreedom 1.2.0
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}" = Bubbletown
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B702CCCE-3176-4DBF-B932-D1B8F402F330}" = Digital Content Portal
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite
"{D9CC04FD-4EAE-4116-8637-3EFB8150FCCC}" = LoadLink Net Start
"{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}" = Search Assist
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"ActiveTouchMeetingClient" = WebEx
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG9Uninstall" = AVG Free 9.0
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"ERUNT_is1" = ERUNT 1.1j
"Games_Bar_1 Toolbar" = Games_Bar_1 Toolbar
"Google Updater" = Google Updater
"GoToAssist" = GoToAssist Corporate
"ie8" = Windows Internet Explorer 8 Release Candidate 1
"IncrediMail" = IncrediMail
"LibUSB-Win32_is1" = LibUSB-Win32-0.1.12.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"RealPlayer 6.0" = RealPlayer Basic
"Videora iPod Converter" = Videora iPod Converter 4.06
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 03/16/2010 02:43:38 AM | Computer Name = D2K6VLB1 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18372, faulting
module ieframe.dll, version 8.0.6001.18372, fault address 0x002af819.
Error - 03/24/2010 03:16:43 PM | Computer Name = D2K6VLB1 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18372, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 03/24/2010 03:17:09 PM | Computer Name = D2K6VLB1 | Source = Application Hang | ID = 1002
Description = Hanging application msimn.exe, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 03/25/2010 11:29:59 AM | Computer Name = D2K6VLB1 | Source = Application Hang | ID = 1002
Description = Hanging application mbam.exe, version 1.42.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 03/25/2010 11:29:59 AM | Computer Name = D2K6VLB1 | Source = Application Hang | ID = 1002
Description = Hanging application mbam.exe, version 1.42.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 03/25/2010 02:07:42 PM | Computer Name = D2K6VLB1 | Source = JavaQuickStarterService | ID = 1
Description =
Error - 03/25/2010 02:24:31 PM | Computer Name = D2K6VLB1 | Source = JavaQuickStarterService | ID = 1
Description =
Error - 03/25/2010 03:25:18 PM | Computer Name = D2K6VLB1 | Source = JavaQuickStarterService | ID = 1
Description =
Error - 03/25/2010 03:42:29 PM | Computer Name = D2K6VLB1 | Source = JavaQuickStarterService | ID = 1
Description =
Error - 03/25/2010 03:58:02 PM | Computer Name = D2K6VLB1 | Source = JavaQuickStarterService | ID = 1
Description =
[ System Events ]
Error - 03/25/2010 03:22:33 PM | Computer Name = D2K6VLB1 | Source = Service Control Manager | ID = 7034
Description = The Bonjour Service service terminated unexpectedly. It has done
this 1 time(s).
Error - 03/25/2010 03:22:33 PM | Computer Name = D2K6VLB1 | Source = Service Control Manager | ID = 7031
Description = The AVG Free WatchDog service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 0 milliseconds:
Restart the service.
Error - 03/25/2010 03:22:33 PM | Computer Name = D2K6VLB1 | Source = Service Control Manager | ID = 7034
Description = The SeaPort service terminated unexpectedly. It has done this 1 time(s).
Error - 03/25/2010 03:22:33 PM | Computer Name = D2K6VLB1 | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).
Error - 03/25/2010 03:25:41 PM | Computer Name = D2K6VLB1 | Source = Service Control Manager | ID = 7024
Description = The Java Quick Starter service terminated with service-specific error
1 (0x1).
Error - 03/25/2010 03:42:36 PM | Computer Name = D2K6VLB1 | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring
the volume.
Error - 03/25/2010 03:42:59 PM | Computer Name = D2K6VLB1 | Source = Service Control Manager | ID = 7024
Description = The Java Quick Starter service terminated with service-specific error
1 (0x1).
Error - 03/25/2010 03:42:59 PM | Computer Name = D2K6VLB1 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
IntelIde
Error - 03/25/2010 03:58:35 PM | Computer Name = D2K6VLB1 | Source = Service Control Manager | ID = 7024
Description = The Java Quick Starter service terminated with service-specific error
1 (0x1).
Error - 03/25/2010 03:58:36 PM | Computer Name = D2K6VLB1 | Source = System Error | ID = 1003
Description = Error code 10000050, parameter1 ff05900b, parameter2 00000000, parameter3
ee73fc65, parameter4 00000000.
< End of report >
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Celeste\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18372)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy
510.00 Mb Total Physical Memory | 105.00 Mb Available Physical Memory | 21.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.46 Gb Total Space | 30.16 Gb Free Space | 42.21% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: D2K6VLB1
Current User Name: Celeste
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/03/25 12:57:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/03/25 12:46:11 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Celeste\Desktop\OTL.exe
[2010/03/25 12:29:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/03/25 12:28:14 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/03/25 12:21:35 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Celeste\My Documents\TFC.exe
[2010/03/25 11:15:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Celeste\Recent
[2010/03/25 11:05:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Celeste\Local Settings\Application Data\Games_Bar_1
[2010/03/25 11:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Games_Bar_1
[2010/03/25 11:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/03/25 11:05:06 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010/03/25 11:04:43 | 000,000,000 | ---D | C] -- C:\Program Files\Sun
[2010/03/25 10:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/03/25 10:25:07 | 000,000,000 | ---D | C] -- C:\Program Files\Sun(2)
[2010/03/21 16:00:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Celeste\Local Settings\Application Data\Conduit
[2010/03/18 21:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/03/18 17:41:58 | 000,016,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/03/18 17:40:18 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010/03/18 17:35:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010/03/18 15:39:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Celeste\Saved Games
[2010/03/18 15:39:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Celeste\Local Settings\Application Data\Oberon Games
[2010/03/13 09:02:32 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/03/09 21:19:25 | 003,555,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2009/12/22 10:45:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/12/22 10:45:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/12/22 10:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/11/27 16:39:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\F-Secure
[2009/08/16 20:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/08/16 19:59:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/02/16 12:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
========== Files - Modified Within 30 Days ==========
[2010/03/25 12:58:13 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/03/25 12:57:42 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/25 12:57:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/25 12:46:16 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Celeste\Desktop\OTL.exe
[2010/03/25 12:41:03 | 009,445,376 | ---- | M] () -- C:\Documents and Settings\Celeste\ntuser.dat
[2010/03/25 12:41:03 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Celeste\ntuser.ini
[2010/03/25 12:28:18 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Celeste\Desktop\ERUNT.lnk
[2010/03/25 12:21:51 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Celeste\My Documents\TFC.exe
[2010/03/25 11:17:02 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010/03/25 11:15:06 | 057,693,111 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/03/25 11:07:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/25 10:29:22 | 000,000,001 | ---- | M] () -- C:\WINDOWS\lgo
[2010/03/25 10:29:03 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\01011201014610499.xxe
[2010/03/25 08:10:39 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\010112010146114101.xxe
[2010/03/25 08:10:37 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\010112010146111103.xxe
[2010/03/25 08:10:34 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\01011201014650115.xxe
[2010/03/25 05:17:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010/03/24 23:17:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2010/03/24 17:17:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2010/03/22 17:17:01 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/03/22 13:00:09 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/03/21 19:56:15 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/03/19 14:25:00 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\Celeste\Desktop\Windows Media Player.lnk
[2010/03/18 21:04:50 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/03/18 21:04:50 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/03/18 21:02:15 | 006,945,704 | -H-- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\IconCache.db
[2010/03/18 17:41:07 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/03/18 17:37:52 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/03/18 17:35:12 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/03/18 15:39:14 | 000,001,694 | ---- | M] () -- C:\Documents and Settings\Celeste\Desktop\Bubbletown.lnk
[2010/03/18 15:39:14 | 000,001,140 | ---- | M] () -- C:\Documents and Settings\Celeste\Desktop\MSN Games.lnk
[2010/03/16 10:24:34 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\Celeste\My Documents\Celeste Resume.doc
[2010/03/14 09:24:12 | 000,570,254 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/14 09:24:12 | 000,475,050 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/14 09:24:12 | 000,085,162 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/13 09:02:36 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/03/13 09:02:32 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/03/13 09:02:32 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/03/13 09:01:32 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/03/12 12:04:36 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Celeste\My Documents\To Whom It May Concern.doc
[2010/03/02 17:05:57 | 000,121,344 | ---- | M] () -- C:\Documents and Settings\Celeste\My Documents\Top of Form.doc
[2010/02/23 13:43:48 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
========== Files Created - No Company Name ==========
[2010/03/25 12:28:18 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Celeste\Desktop\ERUNT.lnk
[2010/03/25 10:29:03 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\01011201014610499.xxe
[2010/03/25 08:26:42 | 000,000,001 | ---- | C] () -- C:\WINDOWS\lgo
[2010/03/25 08:10:39 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\010112010146114101.xxe
[2010/03/25 08:10:37 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\010112010146111103.xxe
[2010/03/25 08:10:34 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\01011201014650115.xxe
[2010/03/22 17:51:13 | 009,445,376 | ---- | C] () -- C:\Documents and Settings\Celeste\ntuser.dat
[2010/03/18 17:42:09 | 000,764,868 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apph_sp.sdb
[2010/03/18 17:42:09 | 000,217,118 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apphelp.sdb
[2010/03/18 17:35:12 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/03/18 15:39:14 | 000,001,694 | ---- | C] () -- C:\Documents and Settings\Celeste\Desktop\Bubbletown.lnk
[2010/03/18 15:39:14 | 000,001,140 | ---- | C] () -- C:\Documents and Settings\Celeste\Desktop\MSN Games.lnk
[2010/03/16 10:24:34 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\Celeste\My Documents\Celeste Resume.doc
[2010/03/12 12:04:35 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Celeste\My Documents\To Whom It May Concern.doc
[2010/03/02 17:04:14 | 000,121,344 | ---- | C] () -- C:\Documents and Settings\Celeste\My Documents\Top of Form.doc
[2010/02/11 05:30:12 | 000,192,704 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/06/08 22:06:14 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Celeste\Application Data\$_hpcst$.hpc
[2009/03/24 06:46:44 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Celeste\Application Data\PFP120JPR.{PB
[2009/03/24 06:46:44 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Celeste\Application Data\PFP120JCM.{PB
[2009/02/09 07:01:22 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\fusioncache.dat
[2009/02/08 18:13:59 | 000,000,050 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009/02/08 18:02:01 | 000,000,426 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2009/02/08 18:02:01 | 000,000,209 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2009/02/08 18:02:01 | 000,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2009/02/08 18:02:01 | 000,000,052 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009/02/08 18:01:40 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2009/02/08 17:59:09 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009/02/08 16:06:23 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/02/08 11:33:12 | 000,057,856 | ---- | C] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/08 11:08:02 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/08/10 01:37:13 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/10 01:08:12 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2006/08/10 01:08:10 | 000,000,493 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/10/27 13:14:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 11:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 11:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2002/03/04 09:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[1999/01/22 03:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== Alternate Data Streams ==========
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5466F106
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CE7C61DF
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6A5004EB
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CF5C4195
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2CFBE2D1
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B7A22351
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5E196FE2
< End of report >
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\IncrediMail\bin\ImApp.exe" = C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\TransCore Link Logistics Corporation\LoadLink Net Start\LoadLinkNetStart.exe" = C:\Program Files\TransCore Link Logistics Corporation\LoadLink Net Start\LoadLinkNetStart.exe:*:Enabled:LoadLink Net Start -- ( )
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager -- File not found
"C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi -- File not found
"C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin -- File not found
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- File not found
"C:\Documents and Settings\Celeste\Local Settings\Temp\7zS2C.tmp\SymNRT.exe" = C:\Documents and Settings\Celeste\Local Settings\Temp\7zS2C.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}" = Intel(R) PROSet for Wired Connections
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{32A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java(TM) SE Development Kit 6 Update 17
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{676B241C-AED4-400B-98FF-267773B94B11}_is1" = QuickFreedom 1.2.0
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}" = Bubbletown
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B702CCCE-3176-4DBF-B932-D1B8F402F330}" = Digital Content Portal
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite
"{D9CC04FD-4EAE-4116-8637-3EFB8150FCCC}" = LoadLink Net Start
"{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}" = Search Assist
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"ActiveTouchMeetingClient" = WebEx
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG9Uninstall" = AVG Free 9.0
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"ERUNT_is1" = ERUNT 1.1j
"Games_Bar_1 Toolbar" = Games_Bar_1 Toolbar
"Google Updater" = Google Updater
"GoToAssist" = GoToAssist Corporate
"ie8" = Windows Internet Explorer 8 Release Candidate 1
"IncrediMail" = IncrediMail
"LibUSB-Win32_is1" = LibUSB-Win32-0.1.12.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"RealPlayer 6.0" = RealPlayer Basic
"Videora iPod Converter" = Videora iPod Converter 4.06
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 03/16/2010 02:43:38 AM | Computer Name = D2K6VLB1 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18372, faulting
module ieframe.dll, version 8.0.6001.18372, fault address 0x002af819.
Error - 03/24/2010 03:16:43 PM | Computer Name = D2K6VLB1 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18372, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 03/24/2010 03:17:09 PM | Computer Name = D2K6VLB1 | Source = Application Hang | ID = 1002
Description = Hanging application msimn.exe, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 03/25/2010 11:29:59 AM | Computer Name = D2K6VLB1 | Source = Application Hang | ID = 1002
Description = Hanging application mbam.exe, version 1.42.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 03/25/2010 11:29:59 AM | Computer Name = D2K6VLB1 | Source = Application Hang | ID = 1002
Description = Hanging application mbam.exe, version 1.42.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 03/25/2010 02:07:42 PM | Computer Name = D2K6VLB1 | Source = JavaQuickStarterService | ID = 1
Description =
Error - 03/25/2010 02:24:31 PM | Computer Name = D2K6VLB1 | Source = JavaQuickStarterService | ID = 1
Description =
Error - 03/25/2010 03:25:18 PM | Computer Name = D2K6VLB1 | Source = JavaQuickStarterService | ID = 1
Description =
Error - 03/25/2010 03:42:29 PM | Computer Name = D2K6VLB1 | Source = JavaQuickStarterService | ID = 1
Description =
Error - 03/25/2010 03:58:02 PM | Computer Name = D2K6VLB1 | Source = JavaQuickStarterService | ID = 1
Description =
[ System Events ]
Error - 03/25/2010 03:22:33 PM | Computer Name = D2K6VLB1 | Source = Service Control Manager | ID = 7034
Description = The Bonjour Service service terminated unexpectedly. It has done
this 1 time(s).
Error - 03/25/2010 03:22:33 PM | Computer Name = D2K6VLB1 | Source = Service Control Manager | ID = 7031
Description = The AVG Free WatchDog service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 0 milliseconds:
Restart the service.
Error - 03/25/2010 03:22:33 PM | Computer Name = D2K6VLB1 | Source = Service Control Manager | ID = 7034
Description = The SeaPort service terminated unexpectedly. It has done this 1 time(s).
Error - 03/25/2010 03:22:33 PM | Computer Name = D2K6VLB1 | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).
Error - 03/25/2010 03:25:41 PM | Computer Name = D2K6VLB1 | Source = Service Control Manager | ID = 7024
Description = The Java Quick Starter service terminated with service-specific error
1 (0x1).
Error - 03/25/2010 03:42:36 PM | Computer Name = D2K6VLB1 | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring
the volume.
Error - 03/25/2010 03:42:59 PM | Computer Name = D2K6VLB1 | Source = Service Control Manager | ID = 7024
Description = The Java Quick Starter service terminated with service-specific error
1 (0x1).
Error - 03/25/2010 03:42:59 PM | Computer Name = D2K6VLB1 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
IntelIde
Error - 03/25/2010 03:58:35 PM | Computer Name = D2K6VLB1 | Source = Service Control Manager | ID = 7024
Description = The Java Quick Starter service terminated with service-specific error
1 (0x1).
Error - 03/25/2010 03:58:36 PM | Computer Name = D2K6VLB1 | Source = System Error | ID = 1003
Description = Error code 10000050, parameter1 ff05900b, parameter2 00000000, parameter3
ee73fc65, parameter4 00000000.
< End of report >
- celdaNovice
-
OS : windows xp
Posts : 37
Rubies : 3547
Likes : 0
I hope that is both
- BelahzurSite Admin
-
OS : 7 Home Premium x64
Posts : 34948
Rubies : 218217
Likes : 18
Hello.
Go to Start > Control Panel > Add/Remove Programs and remove the following programs.
- Games_Bar_1 Toolbar
- Viewpoint Media Player
Please run OTL.exe.
- Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
:OTL
[2010/03/25 11:05:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Celeste\Local Settings\Application Data\Games_Bar_1
[2010/03/25 11:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Games_Bar_1
[2010/03/25 11:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/03/25 11:05:06 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010/03/25 10:29:03 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\01011201014610499.xxe
[2010/03/25 08:10:39 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\010112010146114101.xxe
[2010/03/25 08:10:37 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\010112010146111103.xxe
[2010/03/25 08:10:34 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\01011201014650115.xxe
- Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
- Click the red Run Fix button.
- A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
- Close OTL.exe
Site Admin / Security Administrator
[Prework] - Please PM me if I fail to respond within 24hrs.


- celdaNovice
-
OS : windows xp
Posts : 37
Rubies : 3547
Likes : 0
Error: Unable to interpret <[2010/03/25 11:05:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Celeste\Local Settings\Application Data\Games_Bar_1> in the current context!
Error: Unable to interpret <[2010/03/25 11:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Games_Bar_1> in the current context!
Error: Unable to interpret <[2010/03/25 11:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit> in the current context!
Error: Unable to interpret <[2010/03/25 11:05:06 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire> in the current context!
Error: Unable to interpret <[2010/03/25 10:29:03 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\01011201014610499.xxe> in the current context!
Error: Unable to interpret <[2010/03/25 08:10:39 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\010112010146114101.xxe> in the current context!
Error: Unable to interpret <[2010/03/25 08:10:37 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\010112010146111103.xxe> in the current context!
Error: Unable to interpret <[2010/03/25 08:10:34 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\01011201014650115.xxe> in the current context!
OTL by OldTimer - Version 3.1.37.3 log created on 03252010_132606
- BelahzurSite Admin
-
OS : 7 Home Premium x64
Posts : 34948
Rubies : 218217
Likes : 18
Hello.
I think you missed :OTL as the top line; the script didn't work correctly.
Site Admin / Security Administrator
[Prework] - Please PM me if I fail to respond within 24hrs.
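
The fix log above rejects every pasted line with "Unable to interpret ... in the current context!", which the helper attributes to the missing :OTL first line. The Python pre-flight check below is an added example, not part of the thread or of OTL itself; the entry pattern is inferred from the log lines quoted here, and treating any line that starts with ":" as a section directive is an assumption.

```python
import re
from datetime import datetime

# Scan-entry layout as quoted in this thread (inferred, not an official grammar):
# [YYYY/MM/DD HH:MM:SS | size | attrs | C or M] (company) -- path
ENTRY = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[A-Z-]{4}) \| (?P<kind>[CM])\]"
    r"(?: \((?P<company>[^)]*)\))? -- (?P<path>.+)$"
)

def preflight(script):
    """Check a pasted fix script; return (entries, problems)."""
    entries, problems, section = [], [], None
    for n, raw in enumerate(script.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):          # assumption: ':' opens a section
            section = line
            continue
        if section is None:               # the situation seen in the fix log
            problems.append((n, "no section directive above this line"))
            continue
        m = ENTRY.match(line)
        if m:
            e = m.groupdict()
            e["ts"] = datetime.strptime(e["ts"], "%Y/%m/%d %H:%M:%S")
            e["size"] = int(e["size"].replace(",", ""))
            e["section"] = section
            entries.append(e)
        elif section == ":OTL":           # only :OTL appears on this page
            problems.append((n, "not a recognisable scan entry"))
    return entries, problems

# Sample input: two entries copied from the script posted in this thread.
BODY = r"""[2010/03/25 11:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Games_Bar_1
[2010/03/25 10:29:03 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Celeste\Local Settings\Application Data\01011201014610499.xxe"""
WITH_HEADER = ":OTL\n" + BODY

if __name__ == "__main__":
    for name, text in (("with :OTL", WITH_HEADER), ("without :OTL", BODY)):
        ok, bad = preflight(text)
        print(name, "->", len(ok), "entries,", len(bad), "problems")
        for n, why in bad:
            print("  line", n, ":", why)
```
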


- celdaNovice
-
OS : windows xp
Posts : 37
Rubies : 3547
Likes : 0
Viewpoint Media I removed, but that GAMES BAR will NOT. It says: cannot open INSTALL LOG