I need to remove Think Point

View previous topic View next topic Go down

I need to remove Think Point

Post by kimberlylno on Wed Oct 20, 2010 12:38 am

Think Point downloaded onto my computer, please help me remove it!!

Thank you

OTL Extras logfile created on: 10/19/2010 5:28:56 PM - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Jennifer\Downloads
Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 53.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 100.73 Gb Free Space | 67.58% Space Free | Partition Type: NTFS
Drive D: | 7.00 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: DROPPED | User Name: Kimmy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E580AF6-C7FB-46DA-8D35-83DC0286A614}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D1C6C1A7-4E6A-43F2-AD36-769635B2B584}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1659652C-178A-4044-B41D-0B6CD0EB1344}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{17AFF6A2-789B-499E-8862-4FEADA6BB3F5}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe |
"{1E0B374C-74A4-4489-BBD0-2FF90AB5960C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{20BB4C14-9F1A-48A9-BAAB-2473AFBF2160}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{32CF5C3B-0094-43E3-90C8-4E5C04CC7A2F}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{3E3709B5-2789-48E6-8368-195932626C4B}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{3E3CBC3A-1ED3-48CE-B3E7-0609E96D9EC5}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{42DEBACE-57D6-4A06-814F-9078232B4F93}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{4445C639-E435-405D-8D95-A3E75324A9DA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{4C766A40-4EEF-44F5-BE5A-AA6C478C071F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{5900631A-97E8-40C3-8E26-D584E1046230}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B71C09B-D041-4598-937E-9D549963469F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{5BB007B6-001E-4D37-ACE2-1405F58BDC86}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{5DA12F4A-E570-4759-B9E9-5E985191986F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{5FE19758-B7CB-48CF-96E8-D1E03641BC81}" = dir=in | app=c:\program files\avg\avg9\avgemc.exe |
"{6BCDFD43-C3A6-4D53-95AE-749A45F31744}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{6F9E008C-E12E-472A-9CA6-B5020CF75CF2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{7C2ED925-BA8E-4F30-9D93-06E7921CF387}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{80BA2A5D-3E9A-44AE-B4A9-40C1735CFDDC}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{80BDED75-F581-4651-91B9-5FA7B701DC4F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{8308D80E-327D-43E7-A6E9-EE5832013F5B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{84871B6F-D624-484D-BA1F-CFB63B4F8752}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{887870B8-F30E-4299-9B9A-AFB90AB295AD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8FBA3B16-BA6A-46E6-8BF5-3CFCA57C02BE}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A96F7861-7CCA-4B8F-9AD8-B4E04CCCCB1C}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{AFCB789E-2FD8-4F2E-92FC-19C585E6B730}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B076D753-6665-485A-88B1-70CDC2E625A1}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe |
"{C1D7603C-5B95-43EE-8830-9D3B84428929}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{C75CF655-A39E-45A1-B292-CC799754CD24}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{D5FB0F79-35C7-4B58-A1B9-89516105DD90}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{E0FF8684-5AE1-44E1-BB32-9C222186E8AC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{E961358C-24F9-41FF-AB56-05478DC4BD05}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{F28A849F-5CC8-4180-A59F-710AB21762E5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"TCP Query User{69F7D996-F6EB-4DE9-9BB5-802C7E3592EC}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{7E741658-3904-4A1D-85C2-8A9EA8F6E27E}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{94B4DBB8-87DD-4564-B557-260A728E40FE}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{B2DABC1F-1514-4B89-AC47-1FDC813231F3}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{CB4C2B02-3410-46BA-8977-D57A3D10388E}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{056A58BA-4189-4F06-8924-0BD388EB332E}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{87485B8C-DE4C-4188-BC23-63AA976BC2A9}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{C42AAFDA-3B27-4879-9093-674344C644BC}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{CD5CB24A-12B4-4995-8658-B364F787C42C}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{FEEC2AD2-FFEE-4E98-922D-A022C02C7933}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3500_series" = Canon iP3500 series
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{9EFA7323-47A0-48E2-8F77-35DB5EED500A}" = SpyHunter
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG9Uninstall" = AVG Free 9.0
"BN_DesktopReader" = Barnes & Noble Desktop Reader
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Canon iP3500 series User Registration" = Canon iP3500 series User Registration
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Digital Editions" = Adobe Digital Editions
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"LimeWire" = LimeWire 5.5.9
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MyWebSearch bar Uninstall" = My Web Search (Webfetti)
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"Search Toolbar" = Search Toolbar
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Veetle TV" = Veetle TV 0.9.17
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.6.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/19/2010 3:30:56 AM | Computer Name = DroppeD | Source = Application Error | ID = 1000
Description = Faulting application AdobeARM.exe, version 1.1.5.0, time stamp 0x4b22dc74,
faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9, exception
code 0xc0000018, fault offset 0x00008fc7, process id 0xabc, application start time
0x01cb6f5f8b024042.

Error - 10/19/2010 3:30:57 AM | Computer Name = DroppeD | Source = Application Error | ID = 1000
Description = Faulting application xacy.exe, version 0.0.0.0, time stamp 0x4742af0e,
faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9, exception
code 0xc0000018, fault offset 0x00008fc7, process id 0xfe8, application start time
0x01cb6f5f8ba71b62.

Error - 10/19/2010 3:30:57 AM | Computer Name = DroppeD | Source = Application Error | ID = 1000
Description = Faulting application YahooMessenger.exe, version 10.0.0.1241, time
stamp 0x4b7bc4a2, faulting module ntdll.dll, version 6.0.6000.16386, time stamp
0x4549bdc9, exception code 0xc0000018, fault offset 0x00008fc7, process id 0x878,
application start time 0x01cb6f5f8b6cf892.

Error - 10/19/2010 3:30:58 AM | Computer Name = DroppeD | Source = Application Error | ID = 1000
Description = Faulting application gamevance32.exe, version 0.0.0.0, time stamp
0x4b9a4024, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9,
exception code 0xc0000018, fault offset 0x00008fc7, process id 0xa6c, application
start time 0x01cb6f5f8b644602.

Error - 10/19/2010 9:51:31 AM | Computer Name = DroppeD | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/19/2010 9:51:31 AM | Computer Name = DroppeD | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 22054610

Error - 10/19/2010 9:51:31 AM | Computer Name = DroppeD | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 22054610

Error - 10/19/2010 11:01:26 AM | Computer Name = DroppeD | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 10/19/2010 11:05:39 AM | Computer Name = DroppeD | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 10/19/2010 11:18:19 AM | Computer Name = DroppeD | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

[ OSession Events ]
Error - 4/19/2010 10:24:24 PM | Computer Name = DroppeD | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 200924
seconds with 480 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 6/8/2010 5:49:47 PM | Computer Name = DroppeD | Source = DCOM | ID = 10016
Description =

Error - 6/8/2010 6:19:34 PM | Computer Name = DroppeD | Source = DCOM | ID = 10010
Description =

Error - 6/10/2010 1:39:31 AM | Computer Name = DroppeD | Source = DCOM | ID = 10010
Description =

Error - 6/13/2010 12:17:59 AM | Computer Name = DroppeD | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:14:59 PM on 6/12/2010 was unexpected.

Error - 6/13/2010 2:52:50 AM | Computer Name = DroppeD | Source = DCOM | ID = 10010
Description =

Error - 6/13/2010 11:20:09 AM | Computer Name = DroppeD | Source = DCOM | ID = 10010
Description =

Error - 6/14/2010 8:39:54 PM | Computer Name = DroppeD | Source = DCOM | ID = 10010
Description =

Error - 6/16/2010 2:31:37 AM | Computer Name = DroppeD | Source = EventLog | ID = 6008
Description = The previous system shutdown at 1:41:47 PM on 6/15/2010 was unexpected.

Error - 6/16/2010 2:32:46 AM | Computer Name = DroppeD | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.73 for the Network Card with network
address 001A736A5766 has been denied by the DHCP server 10.3.96.1 (The DHCP Server
sent a DHCPNACK message).

Error - 6/16/2010 8:48:07 PM | Computer Name = DroppeD | Source = Dhcp | ID = 1002
Description = The IP address lease 10.3.126.34 for the Network Card with network
address 001A736A5766 has been denied by the DHCP server 10.3.160.1 (The DHCP Server
sent a DHCPNACK message).


< End of report >

kimberlylno
Beginner
Beginner

Posts Posts : 2
Joined Joined : 2010-10-20
OS OS : VISTA
Points Points : 22398
# Likes # Likes : 0

View user profile

Back to top Go down

Second log

Post by kimberlylno on Wed Oct 20, 2010 12:40 am


Second log...

OTL logfile created on: 10/19/2010 5:28:56 PM - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Jennifer\Downloads
Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 53.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 100.73 Gb Free Space | 67.58% Space Free | Partition Type: NTFS
Drive D: | 7.00 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: DROPPED | User Name: Kimmy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/10/19 17:27:42 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Jennifer\Downloads\OTL.exe
PRC - [2010/10/04 18:51:48 | 002,067,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/09/23 09:49:31 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/09/21 14:51:54 | 000,327,000 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
PRC - [2010/07/20 08:35:42 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/07/15 11:20:41 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/07/15 11:20:38 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/07/15 11:20:05 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/07/15 11:20:04 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/03/05 22:33:47 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/03/03 22:29:19 | 000,032,838 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
PRC - [2010/03/03 22:29:19 | 000,028,783 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
PRC - [2010/03/03 22:29:19 | 000,028,762 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE
PRC - [2010/02/26 22:16:21 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/02/17 03:30:48 | 005,244,216 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2010/01/15 05:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/06/11 13:14:02 | 000,162,912 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\YouCam\YouCamTray.exe
PRC - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/04/13 08:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2007/04/03 18:50:00 | 001,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE


========== Modules (SafeList) ==========

MOD - [2010/10/19 17:27:42 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Jennifer\Downloads\OTL.exe
MOD - [2010/07/15 11:20:41 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2006/11/02 02:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006/11/02 02:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/09/21 14:51:54 | 000,327,000 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2010/07/20 08:35:42 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/07/15 11:20:38 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/03 22:29:19 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2010/02/26 22:46:30 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/01/15 05:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/04/13 08:49:00 | 000,101,528 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/07/15 11:20:43 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/15 11:20:05 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/02 14:23:40 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/04/28 07:44:02 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2010/02/27 09:59:46 | 002,661,368 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2010/01/27 18:10:44 | 000,005,248 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2009/09/02 04:09:24 | 000,176,128 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/11/11 13:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008/11/11 13:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbgps.sys -- (UsbGps)
DRV - [2008/11/11 13:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008/11/11 13:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008/10/03 04:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/07/07 12:15:24 | 002,378,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/06/30 06:52:26 | 000,112,128 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2008/03/28 03:06:00 | 000,199,472 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/11/01 09:51:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/11/01 09:47:54 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/11/01 09:47:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/22 07:58:10 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/22 07:58:10 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/22 07:58:10 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 02:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 02:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 02:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 02:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 02:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 02:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 02:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 02:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 02:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 02:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 02:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 02:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 02:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 02:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 02:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 02:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 02:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 02:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 02:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 02:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 00:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://go.microsoft.com/fwlink/?LinkId=69157"
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.1
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.1
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:4.5
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:3.6.8.107
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=LMW2&o=16046&locale=en_US&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin [2010/03/03 22:29:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/04 09:27:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/08 13:58:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/08 13:58:09 | 000,000,000 | ---D | M]

[2010/06/08 15:17:26 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Mozilla\Extensions
[2010/06/08 15:17:26 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/10/13 10:47:44 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Mozilla\Firefox\Profiles\t3eygn2f.default\extensions
[2010/05/06 13:17:12 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Mozilla\Firefox\Profiles\t3eygn2f.default\extensions\searchtoolbar@zugo.com
[2010/08/15 09:05:12 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Mozilla\Firefox\Profiles\t3eygn2f.default\extensions\toolbar@ask.com
[2010/08/15 16:57:21 | 000,002,425 | ---- | M] () -- C:\Users\Kimmy\AppData\Roaming\Mozilla\Firefox\Profiles\t3eygn2f.default\searchplugins\askcom.xml
[2010/05/06 13:17:16 | 000,001,949 | ---- | M] () -- C:\Users\Kimmy\AppData\Roaming\Mozilla\Firefox\Profiles\t3eygn2f.default\searchplugins\bing-zugo.xml
[2010/03/26 10:18:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [{6678317A-8519-2C91-DB7E-FCC05AFF5B42}] C:\Users\Kimmy\AppData\Roaming\Ynroba\xacy.exe ()
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKCU..\Run: [Nciloxewofeseduz] C:\Users\Kimmy\AppData\Local\Senemfy.DLL ()
O4 - HKCU..\Run: [Ozasuz] C:\Users\Kimmy\AppData\Local\irubeham.DLL (MPC-HC Team)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [gvu] File not found
O4 - HKLM..\RunOnce: [gvu2] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [gvu3] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [GV Cookie Remover] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [GV Firefox removal1] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Kimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} [You must be registered and logged in to see this link.] (HP Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} [You must be registered and logged in to see this link.] (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} [You must be registered and logged in to see this link.] (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.248.121 192.168.248.122
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\Kimmy\AppData\Roaming\hotfix.exe) - C:\Users\Kimmy\AppData\Roaming\hotfix.exe ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Kimmy\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Kimmy\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4db69da0-77ae-11df-811e-001f1669be21}\Shell - "" = AutoRun
O33 - MountPoints2\{4db69da0-77ae-11df-811e-001f1669be21}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/19 15:40:21 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2010/10/19 15:40:21 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2010/10/19 15:39:47 | 000,000,000 | ---D | C] -- C:\Windows\9EFA732347A048E28F7735DB5EED500A.TMP
[2010/10/19 15:39:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/10/19 07:00:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010/10/19 07:00:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NSS
[2010/10/19 07:00:08 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan
[2010/10/19 07:00:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010/10/19 07:00:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NSS\0207030.022
[2010/10/19 07:00:06 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2010/10/19 07:00:06 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/10/19 00:21:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Update
[2010/10/19 00:19:08 | 000,000,000 | ---D | C] -- C:\Users\Kimmy\AppData\Roaming\Ynroba
[2010/10/19 00:19:08 | 000,000,000 | ---D | C] -- C:\Users\Kimmy\AppData\Roaming\Owsaed
[2010/10/19 00:18:45 | 000,000,000 | ---D | C] -- C:\Users\Kimmy\AppData\Local\{72B2680F-F365-429D-9DB4-EA5BC9843FE5}
[2010/10/19 00:13:13 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\Windows
[2010/10/19 00:13:02 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\Server
[2010/10/19 00:10:40 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010/10/18 23:59:51 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010/10/18 21:28:55 | 000,000,000 | ---D | C] -- C:\Program Files\The Weather Channel FW
[2010/10/18 21:28:34 | 000,000,000 | ---D | C] -- C:\Users\Kimmy\AppData\Local\The Weather Channel
[2010/10/06 20:17:14 | 000,000,000 | ---D | C] -- C:\Users\Kimmy\Documents\New Folder
[2010/09/29 19:54:11 | 000,000,000 | ---D | C] -- C:\Users\Kimmy\Documents\Linguistics
[2010/09/27 20:47:11 | 000,000,000 | ---D | C] -- C:\Users\Kimmy\Documents\spanish 6
[2010/02/26 21:06:30 | 000,201,216 | ---- | C] (MPC-HC Team) -- C:\Users\Kimmy\AppData\Local\irubeham.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/10/19 16:58:40 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/19 16:58:17 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/19 16:58:17 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/19 15:40:22 | 000,002,077 | ---- | M] () -- C:\Users\Kimmy\Desktop\SpyHunter.lnk
[2010/10/19 13:58:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/19 09:21:57 | 066,570,953 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/10/19 08:03:18 | 000,618,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/10/19 08:03:18 | 000,104,024 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/10/19 07:58:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/19 07:58:04 | 3149,078,528 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/19 07:47:33 | 000,000,006 | ---- | M] () -- C:\Users\Kimmy\AppData\Roaming\start
[2010/10/19 07:17:35 | 000,000,474 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Kimmy.job
[2010/10/19 07:00:12 | 000,001,137 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2010/10/19 07:00:08 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\NSS\0207030.022\isolate.ini
[2010/10/19 06:58:41 | 000,000,120 | ---- | M] () -- C:\Users\Kimmy\AppData\Local\Osujogiwab.dat
[2010/10/19 00:31:31 | 000,017,293 | ---- | M] () -- C:\Users\Kimmy\AppData\Local\anoredoxirakipe.dll
[2010/10/19 00:29:44 | 000,000,006 | ---- | M] () -- C:\Users\Kimmy\AppData\Roaming\completescan
[2010/10/19 00:22:47 | 000,000,010 | ---- | M] () -- C:\Users\Kimmy\AppData\Roaming\install
[2010/10/19 00:21:55 | 000,511,488 | ---- | M] () -- C:\Users\Kimmy\AppData\Roaming\hotfix.exe
[2010/10/19 00:21:55 | 000,000,184 | ---- | M] () -- C:\Users\Kimmy\AppData\Roaming\35490.bat
[2010/10/19 00:19:03 | 000,000,000 | ---- | M] () -- C:\Users\Kimmy\AppData\Local\Xtilalolacihir.bin
[2010/10/18 21:19:39 | 000,059,506 | ---- | M] () -- C:\Users\Kimmy\Desktop\IPA_chart_(C)2005.pdf
[2010/10/18 21:02:44 | 000,368,695 | ---- | M] () -- C:\Users\Kimmy\Desktop\Pough_LoveFeminism.pdf
[2010/10/06 12:52:17 | 000,030,614 | ---- | M] () -- C:\Users\Kimmy\Desktop\Chile.docx
[2010/10/06 11:03:11 | 000,000,162 | -H-- | M] () -- C:\Users\Kimmy\Desktop\~$Chile.docx
[2010/09/29 18:51:45 | 001,282,422 | ---- | M] () -- C:\Users\Kimmy\Desktop\Ch10_Feminism.pdf
[2010/09/27 18:34:16 | 000,000,162 | -H-- | M] () -- C:\Users\Kimmy\Desktop\~$100.Fall2010 wmstudies.doc
[2010/09/23 21:21:55 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/09/23 11:01:16 | 000,063,488 | ---- | M] () -- C:\Users\Kimmy\Desktop\ws100.Fall2010 wmstudies.doc
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/19 15:40:22 | 000,002,077 | ---- | C] () -- C:\Users\Kimmy\Desktop\SpyHunter.lnk
[2010/10/19 07:58:04 | 3149,078,528 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/19 07:00:12 | 000,001,137 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2010/10/19 07:00:12 | 000,000,474 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Kimmy.job
[2010/10/19 07:00:08 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NSS\0207030.022\isolate.ini
[2010/10/19 00:31:28 | 000,017,293 | ---- | C] () -- C:\Users\Kimmy\AppData\Local\anoredoxirakipe.dll
[2010/10/19 00:30:39 | 000,000,006 | ---- | C] () -- C:\Users\Kimmy\AppData\Roaming\start
[2010/10/19 00:29:44 | 000,000,006 | ---- | C] () -- C:\Users\Kimmy\AppData\Roaming\completescan
[2010/10/19 00:22:47 | 000,000,010 | ---- | C] () -- C:\Users\Kimmy\AppData\Roaming\install
[2010/10/19 00:21:55 | 000,511,488 | ---- | C] () -- C:\Users\Kimmy\AppData\Roaming\hotfix.exe
[2010/10/19 00:21:55 | 000,000,184 | ---- | C] () -- C:\Users\Kimmy\AppData\Roaming\35490.bat
[2010/10/19 00:19:03 | 000,000,000 | ---- | C] () -- C:\Users\Kimmy\AppData\Local\Xtilalolacihir.bin
[2010/10/19 00:18:59 | 000,000,120 | ---- | C] () -- C:\Users\Kimmy\AppData\Local\Osujogiwab.dat
[2010/10/18 21:19:39 | 000,059,506 | ---- | C] () -- C:\Users\Kimmy\Desktop\IPA_chart_(C)2005.pdf
[2010/10/18 21:02:44 | 000,368,695 | ---- | C] () -- C:\Users\Kimmy\Desktop\Pough_LoveFeminism.pdf
[2010/10/06 11:03:11 | 000,000,162 | -H-- | C] () -- C:\Users\Kimmy\Desktop\~$Chile.docx
[2010/09/29 18:51:44 | 001,282,422 | ---- | C] () -- C:\Users\Kimmy\Desktop\Ch10_Feminism.pdf
[2010/09/27 20:05:44 | 000,030,614 | ---- | C] () -- C:\Users\Kimmy\Desktop\Chile.docx
[2010/09/27 18:34:16 | 000,000,162 | -H-- | C] () -- C:\Users\Kimmy\Desktop\~$100.Fall2010 wmstudies.doc
[2010/09/23 11:01:15 | 000,063,488 | ---- | C] () -- C:\Users\Kimmy\Desktop\ws100.Fall2010 wmstudies.doc
[2010/04/02 10:01:02 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/03/04 09:04:18 | 000,001,246 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/03/03 17:49:21 | 000,013,312 | ---- | C] () -- C:\Users\Kimmy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/27 10:00:00 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2010/02/26 21:06:30 | 000,077,312 | ---- | C] () -- C:\Users\Kimmy\AppData\Local\Senemfy.dll
[2010/02/26 18:53:39 | 000,001,356 | ---- | C] () -- C:\Users\Kimmy\AppData\Local\d3d9caps.dat
[2009/03/05 07:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2008/07/07 12:29:46 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1518.dll
[2008/06/30 06:52:14 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2006/11/02 05:34:23 | 000,080,010 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2006/11/02 05:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 17:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

< End of report >

kimberlylno
Beginner
Beginner

Posts Posts : 2
Joined Joined : 2010-10-20
OS OS : VISTA
Points Points : 22398
# Likes # Likes : 0

View user profile

Back to top Go down

Re: I need to remove Think Point

Post by Belahzur on Wed Oct 20, 2010 11:24 pm

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum