I couldn't do anything because of ThinkPoint. Anyone can help me?

Post by gkerr101 on Wed Nov 17, 2010 4:54 pm

I got ThinkPoint. I tried to use Malwarebytes to clean it, but it doesn't work. I went to safe mode, and ThinkPoint is there even in safe mode. I saw someone suggest downloading other software, but I can't even open Internet Explorer or Firefox, so how can I download it? Can anyone help me solve the problem? Appreciated.

Re: I couldn't do anything because of ThinkPoint. Anyone can help me?

Post by Belahzur on Wed Nov 17, 2010 11:48 pm

Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


Please PM me if I fail to respond within 24hrs.


Re: I couldn't do anything because of ThinkPoint. Anyone can help me?

Post by gkerr101 on Mon Nov 22, 2010 3:14 am

OTL logfile created on: 11/21/2010 6:51:51 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Grorge Kerr\My Documents
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free
3.00 Gb Paging File | 1.00 Gb Available in Paging File | 46.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 117.19 Gb Total Space | 82.05 Gb Free Space | 70.02% Space Free | Partition Type: NTFS
Drive D: | 115.69 Gb Total Space | 111.29 Gb Free Space | 96.19% Space Free | Partition Type: NTFS

Computer Name: COMPUTER | User Name: Grorge Kerr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/21 18:51:12 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grorge Kerr\My Documents\OTL.exe
PRC - [2010/11/07 18:53:09 | 002,424,560 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2010/05/28 17:51:04 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/05/28 14:08:17 | 001,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/05/28 14:08:17 | 000,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/05/28 14:08:17 | 000,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/05/28 14:08:17 | 000,503,576 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/05/28 14:08:16 | 002,033,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/05/28 14:08:15 | 000,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/05/28 14:08:15 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/04/23 12:52:28 | 012,649,736 | ---- | M] (AVM Software Inc.) -- C:\Program Files\Paltalk Messenger\paltalk.exe
PRC - [2010/02/18 10:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/02/02 10:13:54 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
PRC - [2010/01/18 14:14:26 | 001,286,608 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2010/01/18 14:14:24 | 001,141,712 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2009/12/09 15:23:34 | 000,365,280 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009/12/08 20:29:44 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
PRC - [2009/08/07 16:15:06 | 000,311,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
PRC - [2009/08/07 16:15:06 | 000,242,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/08/03 10:50:22 | 001,167,360 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
PRC - [2009/02/09 08:31:56 | 000,143,360 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
PRC - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/24 10:44:34 | 000,872,448 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
PRC - [2008/07/09 22:07:00 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/08/03 15:53:00 | 000,053,248 | R--- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe


========== Modules (SafeList) ==========

MOD - [2010/11/21 18:51:12 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grorge Kerr\My Documents\OTL.exe
MOD - [2010/02/02 10:13:54 | 000,451,856 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll
MOD - [2009/10/30 11:18:16 | 000,147,024 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\PCTGMhk.dll
MOD - [2009/09/09 22:54:58 | 000,155,184 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\smum32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/10/07 15:17:25 | 000,745,476 | ---- | M] (NCH Software) [Auto | Stopped] -- C:\Program Files\NCH Swift Sound\MSRS\msrs.exe -- (MSRSService)
SRV - [2010/08/10 01:11:11 | 000,126,976 | ---- | M] () [Auto | Stopped] -- C:\ManageEngine\ServiceDesk\bin\wrapper.exe -- (servicedesk)
SRV - [2010/05/28 14:08:15 | 000,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/05/28 14:08:15 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/02/02 10:13:54 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Running] -- C:\Program Files\Spyware Doctor\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2010/01/18 14:14:24 | 001,141,712 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/12/09 15:23:34 | 000,365,280 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/08/07 16:15:06 | 000,242,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2010/05/28 14:08:35 | 000,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/05/28 14:08:29 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/05/28 14:08:25 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/05/10 10:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 10:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/05 09:25:38 | 000,070,408 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplsg.sys -- (pctplsg)
DRV - [2010/02/05 09:17:56 | 000,233,136 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2010/02/02 10:13:54 | 000,059,664 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2010/02/02 10:13:54 | 000,051,984 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2010/02/02 10:13:54 | 000,033,552 | --S- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2009/09/23 16:10:06 | 000,207,280 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2008/04/13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/02/07 11:30:30 | 003,934,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/01/31 10:57:50 | 004,474,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/10/18 13:22:00 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2006/09/12 11:43:00 | 000,659,456 | R--- | M] (S3 Graphics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\S3gIGPm.sys -- (S3GIGP)
DRV - [2006/01/24 10:34:38 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)
DRV - [2004/08/14 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\tbNC1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "NCH Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2117678&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.search.yahoo.com/?fr=w3i&type=W3i_SP,205,0_0,StartPage,20101145,16900,0,16,0"
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: {c2db4fe6-8409-45ce-8010-189a7b5cce86}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {5835466c-49af-4cbe-b102-a8c8b6313749}:1.0.14
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: {1266764D-FC4F-4FA7-B63B-884D53B1680F}:3.6.5
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/06/05 08:12:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/17 09:43:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/05 09:45:02 | 000,000,000 | ---D | M]

[2010/07/10 13:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grorge Kerr\Application Data\Mozilla\Extensions
[2010/11/20 20:18:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grorge Kerr\Application Data\Mozilla\Firefox\Profiles\6orswklh.default\extensions
[2010/11/06 08:00:28 | 000,000,000 | ---D | M] (Shop to Win) -- C:\Documents and Settings\Grorge Kerr\Application Data\Mozilla\Firefox\Profiles\6orswklh.default\extensions\{5835466c-49af-4cbe-b102-a8c8b6313749}
[2010/11/06 08:00:53 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Grorge Kerr\Application Data\Mozilla\Firefox\Profiles\6orswklh.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/10/05 09:47:55 | 000,000,000 | ---D | M] (NCH Toolbar) -- C:\Documents and Settings\Grorge Kerr\Application Data\Mozilla\Firefox\Profiles\6orswklh.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}
[2010/10/05 09:47:54 | 000,000,909 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\Application Data\Mozilla\Firefox\Profiles\6orswklh.default\searchplugins\conduit.xml
[2010/07/10 13:52:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2001/08/23 03:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (NCH Toolbar) - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\tbNC1.dll (Conduit Ltd.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Paltalk Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (NCH Toolbar) - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\tbNC1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Paltalk Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (NCH Toolbar) - {C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - C:\Program Files\NCH\tbNC1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Paltalk Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [MSRS] C:\Program Files\NCH Swift Sound\MSRS\msrs.exe (NCH Software)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Recordpad] C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe (NCH Software)
O4 - HKLM..\Run: [S3Trayp] C:\WINDOWS\System32\S3Trayp.exe (S3 Graphics Co., Ltd.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O4 - Startup: C:\Documents and Settings\Grorge Kerr\Start Menu\Programs\Startup\Check for TWS Updates.lnk = C:\Jts\WiseUpdt.exe ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} [You must be registered and logged in to see this link.] (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} [You must be registered and logged in to see this link.] (Submit Class)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} [You must be registered and logged in to see this link.] (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/01 22:16:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/10 17:02:48 | 000,000,057 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/07/10 17:02:48 | 000,000,057 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{dfba6804-6f3f-11df-a8b1-001d608baa82}\Shell\AutoRun\command - "" = F:\iuvvl9f3.exe -- File not found
O33 - MountPoints2\{dfba6804-6f3f-11df-a8b1-001d608baa82}\Shell\open\Command - "" = F:\iuvvl9f3.exe -- File not found
O33 - MountPoints2\C\Shell\AutoRun\command - "" = C:\ggb6w.exe -- [2010/07/10 16:58:27 | 000,117,248 | RHS- | M] ()
O33 - MountPoints2\C\Shell\open\Command - "" = C:\ggb6w.exe -- [2010/07/10 16:58:27 | 000,117,248 | RHS- | M] ()
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\ggb6w.exe -- [2010/07/10 16:58:27 | 000,117,248 | RHS- | M] ()
O33 - MountPoints2\D\Shell\open\Command - "" = D:\ggb6w.exe -- [2010/07/10 16:58:27 | 000,117,248 | RHS- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/21 18:51:34 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Grorge Kerr\My Documents\OTL.exe
[2010/11/17 13:16:18 | 000,059,664 | --S- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfSysMon.sys
[2010/11/17 13:16:18 | 000,051,984 | --S- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfFsMon.sys
[2010/11/17 13:16:18 | 000,033,552 | --S- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfNetMon.sys
[2010/11/17 12:54:31 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010/11/17 12:54:29 | 000,207,280 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2010/11/17 12:54:29 | 000,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2010/11/17 12:54:26 | 000,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2010/11/17 12:54:18 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/11/17 12:54:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/11/17 12:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2010/11/17 12:53:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/11/17 12:43:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/11/17 12:37:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ICS
[2010/11/17 07:11:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Grorge Kerr\Recent
[2010/11/17 06:08:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/11/17 05:25:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Documents\Server
[2010/11/06 12:36:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grorge Kerr\Local Settings\Application Data\Yahoo
[2010/11/06 08:03:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grorge Kerr\Application Data\vlc
[2010/11/06 08:01:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grorge Kerr\Local Settings\Application Data\WeatherBug
[2010/11/06 08:01:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grorge Kerr\Application Data\WeatherBug
[2010/11/06 08:01:04 | 000,000,000 | ---D | C] -- C:\Program Files\Free Offers from Freeze.com
[2010/11/06 08:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2010/11/06 08:00:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grorge Kerr\Application Data\NetAssistant
[2010/11/06 08:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2010/11/06 08:00:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grorge Kerr\Application Data\Yahoo!
[2010/11/06 08:00:33 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/11/06 08:00:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grorge Kerr\Application Data\PriceGong
[2010/11/06 08:00:32 | 000,000,000 | ---D | C] -- C:\Program Files\PriceGong
[2010/11/06 07:37:02 | 002,151,544 | ---- | C] (W3i, LLC) -- C:\Documents and Settings\Grorge Kerr\My Documents\VLC_32.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/21 18:51:12 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grorge Kerr\My Documents\OTL.exe
[2010/11/21 18:37:00 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/11/21 18:06:02 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/21 18:01:01 | 000,000,246 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/11/21 17:37:00 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/11/21 16:37:00 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/11/21 16:06:01 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/21 15:37:00 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/11/21 14:37:00 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/11/21 13:37:00 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/11/21 13:28:23 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\How to calculate.doc
[2010/11/21 13:26:49 | 000,036,352 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Combo+Sheet+2.xls
[2010/11/21 12:37:00 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/11/21 12:27:04 | 000,073,451 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/11/21 12:26:44 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/21 12:26:43 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/11/21 12:26:43 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/11/21 12:26:43 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/11/21 12:26:42 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/11/21 12:26:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/21 07:54:30 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\~$w to calculate.doc
[2010/11/21 07:52:22 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010/11/21 07:52:22 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/11/20 20:30:25 | 000,002,345 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\NinjaTrader 7.lnk
[2010/11/20 20:13:15 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/11/20 20:13:15 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/11/20 20:13:15 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/11/19 15:12:34 | 000,292,986 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\5SimplyPowerfulSPStrategies.pdf
[2010/11/19 12:34:48 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Resume[1].doc
[2010/11/19 05:20:28 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/11/18 05:13:05 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/11/17 20:58:01 | 000,000,623 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\Desktop\海通证券网上交易系统.lnk
[2010/11/17 20:58:01 | 000,000,427 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\Desktop\海通证券大智慧.lnk
[2010/11/17 13:26:09 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\Application Data\completescan
[2010/11/17 12:54:29 | 000,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/11/17 08:53:14 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\Application Data\start
[2010/11/17 05:37:39 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\Application Data\install
[2010/11/17 05:36:55 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/11/17 05:36:53 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/11/17 05:36:43 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/11/17 05:36:41 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/11/17 05:25:32 | 000,022,528 | ---- | M] () -- C:\WINDOWS\System32\ttux.qqo
[2010/11/16 16:38:52 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\露茜女士命盘.doc
[2010/11/16 14:32:57 | 000,084,480 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\11-16jp.doc
[2010/11/13 09:51:41 | 000,045,568 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\MARKET PROFILE DIARY.doc
[2010/11/11 21:27:29 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\DailyMPTable.xls
[2010/11/07 18:44:43 | 000,432,992 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/07 18:44:43 | 000,067,696 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/06 08:03:12 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/11/06 08:01:04 | 000,001,621 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\Desktop\1000 Free Songs!.lnk
[2010/11/06 07:37:09 | 002,151,544 | ---- | M] (W3i, LLC) -- C:\Documents and Settings\Grorge Kerr\My Documents\VLC_32.exe
[2010/11/05 14:08:48 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\CalculationTable.xls
[2010/11/03 13:44:57 | 1878,729,894 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 031.wav
[2010/11/03 13:44:29 | 000,079,872 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\11-3jp.doc
[2010/11/03 05:58:39 | 006,222,382 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 030.wav
[2010/11/03 05:57:25 | 013,155,076 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 029.wav
[2010/11/03 05:54:51 | 016,152,622 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 028.wav
[2010/11/03 05:51:46 | 009,044,014 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 027.wav
[2010/11/03 05:50:02 | 010,374,190 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 026.wav
[2010/11/03 05:48:02 | 012,103,726 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 025.wav
[2010/11/03 05:45:43 | 008,504,110 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 024.wav
[2010/11/03 05:44:02 | 007,122,196 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 023.wav
[2010/11/03 05:42:21 | 008,611,630 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 022.wav
[2010/11/03 05:39:57 | 108,180,526 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 021.wav
[2010/11/03 05:18:34 | 000,973,102 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 020.wav
[2010/11/02 15:43:57 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\11-2jp.doc
[2010/10/30 15:49:44 | 000,103,936 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-29jp.doc
[2010/10/29 13:38:37 | 000,076,800 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-30jp.doc
[2010/10/28 15:27:44 | 000,086,016 | ---- | M] () -- C:\WINDOWS\System32\NtDirect.dll
[2010/10/28 13:37:45 | 2976,081,570 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 019.wav
[2010/10/27 16:24:15 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-27jp.doc
[2010/10/26 16:19:43 | 000,094,720 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-26jp.doc
[2010/10/25 16:48:49 | 000,078,848 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-25jp.doc
[2010/10/25 10:59:10 | 1473,129,676 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 018.wav
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/21 07:54:30 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\~$w to calculate.doc
[2010/11/19 15:12:34 | 000,292,986 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\5SimplyPowerfulSPStrategies.pdf
[2010/11/19 12:33:08 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Resume[1].doc
[2010/11/17 12:54:31 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010/11/17 12:54:29 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010/11/17 12:54:29 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2010/11/17 12:54:29 | 000,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/11/17 12:54:26 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2010/11/17 05:55:16 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\Application Data\start
[2010/11/17 05:51:02 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\Application Data\completescan
[2010/11/17 05:37:39 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\Application Data\install
[2010/11/17 05:36:55 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2010/11/17 05:36:53 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2010/11/17 05:36:53 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2010/11/17 05:36:42 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2010/11/17 05:36:41 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2010/11/17 05:25:33 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\ttux.qqo
[2010/11/16 18:19:16 | 000,000,623 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\Desktop\海通证券网上交易系统.lnk
[2010/11/16 18:19:16 | 000,000,427 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\Desktop\海通证券大智慧.lnk
[2010/11/16 13:39:44 | 000,084,480 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\11-16jp.doc
[2010/11/16 12:04:01 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\露茜女士命盘.doc
[2010/11/11 21:27:29 | 000,016,896 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\DailyMPTable.xls
[2010/11/06 08:01:04 | 000,001,621 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\Desktop\1000 Free Songs!.lnk
[2010/11/05 13:36:46 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\CalculationTable.xls
[2010/11/03 13:44:29 | 000,079,872 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\11-3jp.doc
[2010/11/03 05:58:42 | 1878,729,894 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 031.wav
[2010/11/03 05:57:29 | 006,222,382 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 030.wav
[2010/11/03 05:54:56 | 013,155,076 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 029.wav
[2010/11/03 05:51:47 | 016,152,622 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 028.wav
[2010/11/03 05:50:04 | 009,044,014 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 027.wav
[2010/11/03 05:48:04 | 010,374,190 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 026.wav
[2010/11/03 05:45:45 | 012,103,726 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 025.wav
[2010/11/03 05:44:06 | 008,504,110 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 024.wav
[2010/11/03 05:42:41 | 007,122,196 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 023.wav
[2010/11/03 05:40:44 | 008,611,630 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 022.wav
[2010/11/03 05:19:13 | 108,180,526 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 021.wav
[2010/11/03 05:18:20 | 000,973,102 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 020.wav
[2010/11/02 12:54:14 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\11-2jp.doc
[2010/10/29 13:28:12 | 000,076,800 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-30jp.doc
[2010/10/28 15:27:44 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\NtDirect.dll
[2010/10/28 12:54:24 | 000,103,936 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-29jp.doc
[2010/10/27 12:21:51 | 000,065,024 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-27jp.doc
[2010/10/26 16:19:42 | 000,094,720 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-26jp.doc
[2010/10/26 05:03:58 | 2976,081,570 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 019.wav
[2010/10/25 10:45:24 | 000,078,848 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-25jp.doc
[2010/10/25 04:58:53 | 1473,129,676 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 018.wav
[2010/10/05 12:09:09 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/27 14:27:29 | 000,000,242 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2010/09/27 14:27:29 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2010/09/27 14:27:23 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/09/27 14:27:04 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2010/09/27 14:23:55 | 000,031,767 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2010/07/12 18:25:03 | 000,000,035 | ---- | C] () -- C:\WINDOWS\vbupdtx.ini
[2010/07/12 17:47:41 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/07/10 14:18:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\uciqujarowijehul.dll
[2010/07/08 14:41:55 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\AscSQLite.dll
[2010/06/30 04:47:11 | 000,000,107 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/06/06 15:57:35 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\Grorge Kerr\Application Data\htverify.dat
[2010/06/06 15:57:35 | 000,000,136 | ---- | C] () -- C:\Program Files\Common Files\jyverify.dat
[2010/06/06 07:27:33 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/06/05 08:15:48 | 000,000,043 | ---- | C] () -- C:\WINDOWS\ib.ini
[2010/06/05 08:15:35 | 000,026,624 | ---- | C] () -- C:\WINDOWS\GetIe.dll
[2010/05/28 16:53:13 | 000,086,768 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2008/07/01 22:52:03 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/07/01 22:52:03 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2008/07/01 22:51:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2008/07/01 22:31:25 | 002,702,848 | R--- | C] () -- C:\WINDOWS\System32\s3gcil_inv.dll
[2008/07/01 22:27:37 | 000,011,015 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/07/01 22:23:27 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008/07/01 22:23:17 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/07/01 15:07:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/02/07 11:30:30 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/02/07 11:30:30 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/02/07 11:30:30 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/02/07 11:30:30 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2007/02/07 11:30:30 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/02/07 11:30:30 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/02/07 11:30:30 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2004/09/17 16:37:42 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2003/01/07 13:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1999/01/22 05:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 171 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

Re: I couldn't do anything because of ThinkPoint. Anyone can help me?

Post by gkerr101 on Mon Nov 22, 2010 3:17 am

OTL logfile created on: 11/21/2010 6:51:51 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Grorge Kerr\My Documents
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free
3.00 Gb Paging File | 1.00 Gb Available in Paging File | 46.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 117.19 Gb Total Space | 82.05 Gb Free Space | 70.02% Space Free | Partition Type: NTFS
Drive D: | 115.69 Gb Total Space | 111.29 Gb Free Space | 96.19% Space Free | Partition Type: NTFS

Computer Name: COMPUTER | User Name: Grorge Kerr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/21 18:51:12 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grorge Kerr\My Documents\OTL.exe
PRC - [2010/11/07 18:53:09 | 002,424,560 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2010/05/28 17:51:04 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/05/28 14:08:17 | 001,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/05/28 14:08:17 | 000,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/05/28 14:08:17 | 000,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/05/28 14:08:17 | 000,503,576 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/05/28 14:08:16 | 002,033,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/05/28 14:08:15 | 000,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/05/28 14:08:15 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/04/23 12:52:28 | 012,649,736 | ---- | M] (AVM Software Inc.) -- C:\Program Files\Paltalk Messenger\paltalk.exe
PRC - [2010/02/18 10:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/02/02 10:13:54 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
PRC - [2010/01/18 14:14:26 | 001,286,608 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2010/01/18 14:14:24 | 001,141,712 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2009/12/09 15:23:34 | 000,365,280 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009/12/08 20:29:44 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
PRC - [2009/08/07 16:15:06 | 000,311,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
PRC - [2009/08/07 16:15:06 | 000,242,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/08/03 10:50:22 | 001,167,360 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
PRC - [2009/02/09 08:31:56 | 000,143,360 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
PRC - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/24 10:44:34 | 000,872,448 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
PRC - [2008/07/09 22:07:00 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/08/03 15:53:00 | 000,053,248 | R--- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe


========== Modules (SafeList) ==========

MOD - [2010/11/21 18:51:12 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grorge Kerr\My Documents\OTL.exe
MOD - [2010/02/02 10:13:54 | 000,451,856 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll
MOD - [2009/10/30 11:18:16 | 000,147,024 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\PCTGMhk.dll
MOD - [2009/09/09 22:54:58 | 000,155,184 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\smum32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/10/07 15:17:25 | 000,745,476 | ---- | M] (NCH Software) [Auto | Stopped] -- C:\Program Files\NCH Swift Sound\MSRS\msrs.exe -- (MSRSService)
SRV - [2010/08/10 01:11:11 | 000,126,976 | ---- | M] () [Auto | Stopped] -- C:\ManageEngine\ServiceDesk\bin\wrapper.exe -- (servicedesk)
SRV - [2010/05/28 14:08:15 | 000,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/05/28 14:08:15 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/02/02 10:13:54 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Running] -- C:\Program Files\Spyware Doctor\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2010/01/18 14:14:24 | 001,141,712 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/12/09 15:23:34 | 000,365,280 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/08/07 16:15:06 | 000,242,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2010/05/28 14:08:35 | 000,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/05/28 14:08:29 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/05/28 14:08:25 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/05/10 10:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 10:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/05 09:25:38 | 000,070,408 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplsg.sys -- (pctplsg)
DRV - [2010/02/05 09:17:56 | 000,233,136 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2010/02/02 10:13:54 | 000,059,664 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2010/02/02 10:13:54 | 000,051,984 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2010/02/02 10:13:54 | 000,033,552 | --S- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2009/09/23 16:10:06 | 000,207,280 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2008/04/13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/02/07 11:30:30 | 003,934,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/01/31 10:57:50 | 004,474,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/10/18 13:22:00 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2006/09/12 11:43:00 | 000,659,456 | R--- | M] (S3 Graphics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\S3gIGPm.sys -- (S3GIGP)
DRV - [2006/01/24 10:34:38 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)
DRV - [2004/08/14 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\tbNC1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "NCH Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2117678&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.search.yahoo.com/?fr=w3i&type=W3i_SP,205,0_0,StartPage,20101145,16900,0,16,0"
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: {c2db4fe6-8409-45ce-8010-189a7b5cce86}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {5835466c-49af-4cbe-b102-a8c8b6313749}:1.0.14
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: {1266764D-FC4F-4FA7-B63B-884D53B1680F}:3.6.5
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/06/05 08:12:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/17 09:43:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/05 09:45:02 | 000,000,000 | ---D | M]

[2010/07/10 13:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grorge Kerr\Application Data\Mozilla\Extensions
[2010/11/20 20:18:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grorge Kerr\Application Data\Mozilla\Firefox\Profiles\6orswklh.default\extensions
[2010/11/06 08:00:28 | 000,000,000 | ---D | M] (Shop to Win) -- C:\Documents and Settings\Grorge Kerr\Application Data\Mozilla\Firefox\Profiles\6orswklh.default\extensions\{5835466c-49af-4cbe-b102-a8c8b6313749}
[2010/11/06 08:00:53 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Grorge Kerr\Application Data\Mozilla\Firefox\Profiles\6orswklh.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/10/05 09:47:55 | 000,000,000 | ---D | M] (NCH Toolbar) -- C:\Documents and Settings\Grorge Kerr\Application Data\Mozilla\Firefox\Profiles\6orswklh.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}
[2010/10/05 09:47:54 | 000,000,909 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\Application Data\Mozilla\Firefox\Profiles\6orswklh.default\searchplugins\conduit.xml
[2010/07/10 13:52:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2001/08/23 03:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (NCH Toolbar) - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\tbNC1.dll (Conduit Ltd.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Paltalk Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (NCH Toolbar) - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\tbNC1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Paltalk Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (NCH Toolbar) - {C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - C:\Program Files\NCH\tbNC1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Paltalk Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [MSRS] C:\Program Files\NCH Swift Sound\MSRS\msrs.exe (NCH Software)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Recordpad] C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe (NCH Software)
O4 - HKLM..\Run: [S3Trayp] C:\WINDOWS\System32\S3Trayp.exe (S3 Graphics Co., Ltd.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O4 - Startup: C:\Documents and Settings\Grorge Kerr\Start Menu\Programs\Startup\Check for TWS Updates.lnk = C:\Jts\WiseUpdt.exe ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} [You must be registered and logged in to see this link.] (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} [You must be registered and logged in to see this link.] (Submit Class)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} [You must be registered and logged in to see this link.] (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/01 22:16:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/10 17:02:48 | 000,000,057 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/07/10 17:02:48 | 000,000,057 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{dfba6804-6f3f-11df-a8b1-001d608baa82}\Shell\AutoRun\command - "" = F:\iuvvl9f3.exe -- File not found
O33 - MountPoints2\{dfba6804-6f3f-11df-a8b1-001d608baa82}\Shell\open\Command - "" = F:\iuvvl9f3.exe -- File not found
O33 - MountPoints2\C\Shell\AutoRun\command - "" = C:\ggb6w.exe -- [2010/07/10 16:58:27 | 000,117,248 | RHS- | M] ()
O33 - MountPoints2\C\Shell\open\Command - "" = C:\ggb6w.exe -- [2010/07/10 16:58:27 | 000,117,248 | RHS- | M] ()
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\ggb6w.exe -- [2010/07/10 16:58:27 | 000,117,248 | RHS- | M] ()
O33 - MountPoints2\D\Shell\open\Command - "" = D:\ggb6w.exe -- [2010/07/10 16:58:27 | 000,117,248 | RHS- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/21 18:51:34 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Grorge Kerr\My Documents\OTL.exe
[2010/11/17 13:16:18 | 000,059,664 | --S- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfSysMon.sys
[2010/11/17 13:16:18 | 000,051,984 | --S- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfFsMon.sys
[2010/11/17 13:16:18 | 000,033,552 | --S- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfNetMon.sys
[2010/11/17 12:54:31 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010/11/17 12:54:29 | 000,207,280 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2010/11/17 12:54:29 | 000,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2010/11/17 12:54:26 | 000,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2010/11/17 12:54:18 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/11/17 12:54:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/11/17 12:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2010/11/17 12:53:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/11/17 12:43:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/11/17 12:37:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ICS
[2010/11/17 07:11:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Grorge Kerr\Recent
[2010/11/17 06:08:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/11/17 05:25:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Documents\Server
[2010/11/06 12:36:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grorge Kerr\Local Settings\Application Data\Yahoo
[2010/11/06 08:03:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grorge Kerr\Application Data\vlc
[2010/11/06 08:01:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grorge Kerr\Local Settings\Application Data\WeatherBug
[2010/11/06 08:01:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grorge Kerr\Application Data\WeatherBug
[2010/11/06 08:01:04 | 000,000,000 | ---D | C] -- C:\Program Files\Free Offers from Freeze.com
[2010/11/06 08:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2010/11/06 08:00:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grorge Kerr\Application Data\NetAssistant
[2010/11/06 08:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2010/11/06 08:00:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grorge Kerr\Application Data\Yahoo!
[2010/11/06 08:00:33 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/11/06 08:00:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grorge Kerr\Application Data\PriceGong
[2010/11/06 08:00:32 | 000,000,000 | ---D | C] -- C:\Program Files\PriceGong
[2010/11/06 07:37:02 | 002,151,544 | ---- | C] (W3i, LLC) -- C:\Documents and Settings\Grorge Kerr\My Documents\VLC_32.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/21 18:51:12 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grorge Kerr\My Documents\OTL.exe
[2010/11/21 18:37:00 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/11/21 18:06:02 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/21 18:01:01 | 000,000,246 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/11/21 17:37:00 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/11/21 16:37:00 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/11/21 16:06:01 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/21 15:37:00 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/11/21 14:37:00 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/11/21 13:37:00 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/11/21 13:28:23 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\How to calculate.doc
[2010/11/21 13:26:49 | 000,036,352 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Combo+Sheet+2.xls
[2010/11/21 12:37:00 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/11/21 12:27:04 | 000,073,451 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/11/21 12:26:44 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/21 12:26:43 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/11/21 12:26:43 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/11/21 12:26:43 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/11/21 12:26:42 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/11/21 12:26:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/21 07:54:30 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\~$w to calculate.doc
[2010/11/21 07:52:22 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010/11/21 07:52:22 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/11/20 20:30:25 | 000,002,345 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\NinjaTrader 7.lnk
[2010/11/20 20:13:15 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/11/20 20:13:15 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/11/20 20:13:15 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/11/19 15:12:34 | 000,292,986 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\5SimplyPowerfulSPStrategies.pdf
[2010/11/19 12:34:48 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Resume[1].doc
[2010/11/19 05:20:28 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/11/18 05:13:05 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/11/17 20:58:01 | 000,000,623 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\Desktop\海通证券网上交易系统.lnk
[2010/11/17 20:58:01 | 000,000,427 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\Desktop\海通证券大智慧.lnk
[2010/11/17 13:26:09 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\Application Data\completescan
[2010/11/17 12:54:29 | 000,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/11/17 08:53:14 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\Application Data\start
[2010/11/17 05:37:39 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\Application Data\install
[2010/11/17 05:36:55 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/11/17 05:36:53 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/11/17 05:36:43 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/11/17 05:36:41 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/11/17 05:25:32 | 000,022,528 | ---- | M] () -- C:\WINDOWS\System32\ttux.qqo
[2010/11/16 16:38:52 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\露茜女士命盘.doc
[2010/11/16 14:32:57 | 000,084,480 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\11-16jp.doc
[2010/11/13 09:51:41 | 000,045,568 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\MARKET PROFILE DIARY.doc
[2010/11/11 21:27:29 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\DailyMPTable.xls
[2010/11/07 18:44:43 | 000,432,992 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/07 18:44:43 | 000,067,696 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/06 08:03:12 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/11/06 08:01:04 | 000,001,621 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\Desktop\1000 Free Songs!.lnk
[2010/11/06 07:37:09 | 002,151,544 | ---- | M] (W3i, LLC) -- C:\Documents and Settings\Grorge Kerr\My Documents\VLC_32.exe
[2010/11/05 14:08:48 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\CalculationTable.xls
[2010/11/03 13:44:57 | 1878,729,894 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 031.wav
[2010/11/03 13:44:29 | 000,079,872 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\11-3jp.doc
[2010/11/03 05:58:39 | 006,222,382 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 030.wav
[2010/11/03 05:57:25 | 013,155,076 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 029.wav
[2010/11/03 05:54:51 | 016,152,622 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 028.wav
[2010/11/03 05:51:46 | 009,044,014 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 027.wav
[2010/11/03 05:50:02 | 010,374,190 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 026.wav
[2010/11/03 05:48:02 | 012,103,726 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 025.wav
[2010/11/03 05:45:43 | 008,504,110 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 024.wav
[2010/11/03 05:44:02 | 007,122,196 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 023.wav
[2010/11/03 05:42:21 | 008,611,630 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 022.wav
[2010/11/03 05:39:57 | 108,180,526 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 021.wav
[2010/11/03 05:18:34 | 000,973,102 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 020.wav
[2010/11/02 15:43:57 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\11-2jp.doc
[2010/10/30 15:49:44 | 000,103,936 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-29jp.doc
[2010/10/29 13:38:37 | 000,076,800 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-30jp.doc
[2010/10/28 15:27:44 | 000,086,016 | ---- | M] () -- C:\WINDOWS\System32\NtDirect.dll
[2010/10/28 13:37:45 | 2976,081,570 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 019.wav
[2010/10/27 16:24:15 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-27jp.doc
[2010/10/26 16:19:43 | 000,094,720 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-26jp.doc
[2010/10/25 16:48:49 | 000,078,848 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-25jp.doc
[2010/10/25 10:59:10 | 1473,129,676 | ---- | M] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 018.wav
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/21 07:54:30 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\~$w to calculate.doc
[2010/11/19 15:12:34 | 000,292,986 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\5SimplyPowerfulSPStrategies.pdf
[2010/11/19 12:33:08 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Resume[1].doc
[2010/11/17 12:54:31 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010/11/17 12:54:29 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010/11/17 12:54:29 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2010/11/17 12:54:29 | 000,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/11/17 12:54:26 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2010/11/17 05:55:16 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\Application Data\start
[2010/11/17 05:51:02 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\Application Data\completescan
[2010/11/17 05:37:39 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\Application Data\install
[2010/11/17 05:36:55 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2010/11/17 05:36:55 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2010/11/17 05:36:54 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2010/11/17 05:36:53 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2010/11/17 05:36:53 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2010/11/17 05:36:42 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2010/11/17 05:36:41 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2010/11/17 05:25:33 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\ttux.qqo
[2010/11/16 18:19:16 | 000,000,623 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\Desktop\海通证券网上交易系统.lnk
[2010/11/16 18:19:16 | 000,000,427 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\Desktop\海通证券大智慧.lnk
[2010/11/16 13:39:44 | 000,084,480 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\11-16jp.doc
[2010/11/16 12:04:01 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\露茜女士命盘.doc
[2010/11/11 21:27:29 | 000,016,896 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\DailyMPTable.xls
[2010/11/06 08:01:04 | 000,001,621 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\Desktop\1000 Free Songs!.lnk
[2010/11/05 13:36:46 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\CalculationTable.xls
[2010/11/03 13:44:29 | 000,079,872 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\11-3jp.doc
[2010/11/03 05:58:42 | 1878,729,894 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 031.wav
[2010/11/03 05:57:29 | 006,222,382 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 030.wav
[2010/11/03 05:54:56 | 013,155,076 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 029.wav
[2010/11/03 05:51:47 | 016,152,622 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 028.wav
[2010/11/03 05:50:04 | 009,044,014 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 027.wav
[2010/11/03 05:48:04 | 010,374,190 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 026.wav
[2010/11/03 05:45:45 | 012,103,726 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 025.wav
[2010/11/03 05:44:06 | 008,504,110 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 024.wav
[2010/11/03 05:42:41 | 007,122,196 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 023.wav
[2010/11/03 05:40:44 | 008,611,630 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 022.wav
[2010/11/03 05:19:13 | 108,180,526 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 021.wav
[2010/11/03 05:18:20 | 000,973,102 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 020.wav
[2010/11/02 12:54:14 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\11-2jp.doc
[2010/10/29 13:28:12 | 000,076,800 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-30jp.doc
[2010/10/28 15:27:44 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\NtDirect.dll
[2010/10/28 12:54:24 | 000,103,936 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-29jp.doc
[2010/10/27 12:21:51 | 000,065,024 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-27jp.doc
[2010/10/26 16:19:42 | 000,094,720 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-26jp.doc
[2010/10/26 05:03:58 | 2976,081,570 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 019.wav
[2010/10/25 10:45:24 | 000,078,848 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\10-25jp.doc
[2010/10/25 04:58:53 | 1473,129,676 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\My Documents\Untitled 018.wav
[2010/10/05 12:09:09 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/27 14:27:29 | 000,000,242 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2010/09/27 14:27:29 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2010/09/27 14:27:23 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/09/27 14:27:04 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2010/09/27 14:23:55 | 000,031,767 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2010/07/12 18:25:03 | 000,000,035 | ---- | C] () -- C:\WINDOWS\vbupdtx.ini
[2010/07/12 17:47:41 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/07/10 14:18:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\uciqujarowijehul.dll
[2010/07/08 14:41:55 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\AscSQLite.dll
[2010/06/30 04:47:11 | 000,000,107 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/06/06 15:57:35 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\Grorge Kerr\Application Data\htverify.dat
[2010/06/06 15:57:35 | 000,000,136 | ---- | C] () -- C:\Program Files\Common Files\jyverify.dat
[2010/06/06 07:27:33 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/06/05 08:15:48 | 000,000,043 | ---- | C] () -- C:\WINDOWS\ib.ini
[2010/06/05 08:15:35 | 000,026,624 | ---- | C] () -- C:\WINDOWS\GetIe.dll
[2010/05/28 16:53:13 | 000,086,768 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2008/07/01 22:52:03 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/07/01 22:52:03 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2008/07/01 22:51:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2008/07/01 22:31:25 | 002,702,848 | R--- | C] () -- C:\WINDOWS\System32\s3gcil_inv.dll
[2008/07/01 22:27:37 | 000,011,015 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/07/01 22:23:27 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008/07/01 22:23:17 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/07/01 15:07:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/02/07 11:30:30 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/02/07 11:30:30 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/02/07 11:30:30 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/02/07 11:30:30 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2007/02/07 11:30:30 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/02/07 11:30:30 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/02/07 11:30:30 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2004/09/17 16:37:42 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2003/01/07 13:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1999/01/22 05:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 171 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >


Re: I couldn't do anything because of ThinkPoint. Anyone can help me?

Post by gkerr101 on Mon Nov 22, 2010 3:22 am

As I told you, I tried to use Malwarebytes, SUPERAntiSpyware and CCleaner, but none of them worked. But strangely, when I downloaded Spyware Doc., before I had even run the software, ThinkPoint was gone. But I still have a strange problem: if I click on something from Google, an unrelated page comes up. Is it possible that ThinkPoint is still there?


Re: I couldn't do anything because of ThinkPoint. Anyone can help me?

Post by Belahzur on Tue Nov 23, 2010 1:07 am

Hello.

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    O32 - AutoRun File - [2010/07/10 17:02:48 | 000,000,057 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
    O32 - AutoRun File - [2010/07/10 17:02:48 | 000,000,057 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
    O33 - MountPoints2\{dfba6804-6f3f-11df-a8b1-001d608baa82}\Shell\AutoRun\command - "" = F:\iuvvl9f3.exe -- File not found
    O33 - MountPoints2\{dfba6804-6f3f-11df-a8b1-001d608baa82}\Shell\open\Command - "" = F:\iuvvl9f3.exe -- File not found
    O33 - MountPoints2\C\Shell\AutoRun\command - "" = C:\ggb6w.exe -- [2010/07/10 16:58:27 | 000,117,248 | RHS- | M] ()
    O33 - MountPoints2\C\Shell\open\Command - "" = C:\ggb6w.exe -- [2010/07/10 16:58:27 | 000,117,248 | RHS- | M] ()
    O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\ggb6w.exe -- [2010/07/10 16:58:27 | 000,117,248 | RHS- | M] ()
    O33 - MountPoints2\D\Shell\open\Command - "" = D:\ggb6w.exe -- [2010/07/10 16:58:27 | 000,117,248 | RHS- | M] ()
    [2010/11/17 05:55:16 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\Application Data\start
    [2010/11/17 05:51:02 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\Application Data\completescan
    [2010/11/17 05:37:39 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Grorge Kerr\Application Data\install
    [2010/11/17 05:25:33 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\ttux.qqo


    C:\WINDOWS\tasks\At*.job


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

