Personal internet security 2011

View previous topic View next topic Go down

Personal internet security 2011

Post by nupperton on Mon 27 Dec 2010, 11:03 pm

I believe the program Personal internet security 2011 has hijacked my PC and is advising that I have a number of malware/trojan and spyware on my pc and wanting me to purchase a better security system. I had downloaded MSE as my security prior to this message appearing. I have tried to delete but this will no delete and keeps returning. I have run OTL but have been unable to paste into this message as it is saying it it too large so I have tried to add as a document


Last edited by nupperton on Wed 29 Dec 2010, 2:23 am; edited 3 times in total (Reason for editing : to add otl reports)

nupperton

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-12-27
Operating System : windows 7

View user profile

Back to top Go down

Re: Personal internet security 2011

Post by Belahzur on Tue 28 Dec 2010, 8:37 am

Hello.
Can you attach the logs?


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Personal internet security 2011

Post by nupperton on Wed 29 Dec 2010, 2:26 am

I have managed to remove the software from my PC using malwarebytes as suggested in another thread but now I am unable to connect to the internet - get a dns with the error stating "the remote device or resource wont accept the connection". The computer is showing as being connected to the internet with an excellent signal, any suggestions


Last edited by nupperton on Wed 29 Dec 2010, 2:27 am; edited 1 time in total (Reason for editing : spelling correction)

nupperton

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-12-27
Operating System : windows 7

View user profile

Back to top Go down

Re: Personal internet security 2011

Post by Belahzur on Wed 29 Dec 2010, 9:20 am

Yes.

Remove the Proxy setting in Internet Explorer and/or in FireFox.

    In Internet Explorer
  1. Tools Menu -> Internet Options -> Connections Tab ->Lan Settings > uncheck "use a proxy server" or reconfigure the Proxy server again in case you have set it previously.

    In Firefox
  1. Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection > Choose "No Proxy"
  2. Click the apply button and restart that computer in normal mode.


Try connecting now.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Personal internet security 2011

Post by nupperton on Wed 29 Dec 2010, 10:51 pm

thanks for that, I am now able to access the internet but I cannot access any search engines (goggle, yahoo etc). I have tried resetting internet explorer settings, checked in hosts that it has the correct local hosts but nothing seems to work, can you help me with this?


nupperton

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-12-27
Operating System : windows 7

View user profile

Back to top Go down

Re: Personal internet security 2011

Post by Belahzur on Thu 30 Dec 2010, 12:22 pm

Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Personal internet security 2011

Post by nupperton on Fri 31 Dec 2010, 1:13 am

OTL logfile created on: 30/12/2010 14:08:44 - Run 2
OTL by OldTimer - Version 3.2.18.2 Folder = C:\Users\Nikie\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 64.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 366.12 Gb Total Space | 331.18 Gb Free Space | 90.46% Space Free | Partition Type: NTFS

Computer Name: NIKIE1969 | User Name: Nikie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/30 14:08:18 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Nikie\Downloads\OTL.exe
PRC - [2010/12/24 23:42:05 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/26 10:27:10 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/03/16 16:18:26 | 000,452,608 | ---- | M] () -- C:\Program Files (x86)\OEM\DSG OSD 1.01\SunflowerOSD.exe
PRC - [2010/03/03 19:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 19:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/11/03 00:24:58 | 000,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10d.exe


========== Modules (SafeList) ==========

MOD - [2010/12/30 14:08:18 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Nikie\Downloads\OTL.exe
MOD - [2010/08/21 05:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/11/11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010/11/11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/11/06 22:50:18 | 000,244,224 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_6d4d1665097f1e86\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/07/14 01:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/05/26 10:27:14 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 19:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/10/24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/05/15 07:12:32 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/03/03 18:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/02 12:25:00 | 001,098,784 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2010/02/25 10:26:58 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\JME.sys -- (JME) JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits)
DRV:64bit: - [2010/01/13 22:38:52 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/12/02 14:58:40 | 000,153,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009/09/02 10:54:00 | 007,369,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/14 01:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 01:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 01:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 20:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25416



O1 HOSTS File: ([2010/12/26 15:34:32 | 000,002,686 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 [You must be registered and logged in to see this link.]
O1 - Hosts: 74.125.45.100 [You must be registered and logged in to see this link.]
O1 - Hosts: 74.125.45.100 [You must be registered and logged in to see this link.]
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 urs.microsoft.com
O1 - Hosts: 74.125.45.100 [You must be registered and logged in to see this link.]
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 64.27.9.110 [You must be registered and logged in to see this link.]
O1 - Hosts: 64.27.9.110 google.com
O1 - Hosts: 64.27.9.110 google.com.au
O1 - Hosts: 64.27.9.110 [You must be registered and logged in to see this link.]
O1 - Hosts: 64.27.9.110 google.be
O1 - Hosts: 64.27.9.110 [You must be registered and logged in to see this link.]
O1 - Hosts: 64.27.9.110 google.com.br
O1 - Hosts: 64.27.9.110 [You must be registered and logged in to see this link.]
O1 - Hosts: 64.27.9.110 google.ca
O1 - Hosts: 64.27.9.110 [You must be registered and logged in to see this link.]
O1 - Hosts: 37 more lines...
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll File not found
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll File not found
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKCU..\Run: [Offers] C:\Program Files (x86)\TTG\Offers\Offers.exe (DSG Retail Ltd)
O4 - HKCU..\Run: [Reminder] C:\Program Files (x86)\TTG\Reminder\Reminder.exe (DSG Retail Ltd)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10d.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\PROGRA~2\AVG\AVG10\avgchsva.exe File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\PROGRA~2\AVG\AVG10\avgrsa.exe File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/29 13:11:29 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Local\{B5198C8E-A229-4CB7-9698-1D4FEFFADB2D}
[2010/12/29 13:11:14 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Roaming\Windows Live Writer
[2010/12/29 13:11:14 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Local\Windows Live Writer
[2010/12/28 20:13:48 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/12/28 20:07:00 | 000,000,000 | ---D | C] -- C:\Windows\en
[2010/12/28 20:04:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010/12/28 20:02:44 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2010/12/28 20:02:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2010/12/28 20:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/12/28 20:02:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2010/12/28 20:01:52 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010/12/28 20:01:52 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010/12/28 20:01:52 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010/12/28 20:01:52 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010/12/28 20:01:46 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010/12/28 20:01:46 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010/12/28 19:56:57 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Local\Windows Live
[2010/12/28 19:56:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010/12/28 19:56:10 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2010/12/28 19:56:10 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2010/12/28 19:56:09 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2010/12/28 19:56:09 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2010/12/28 19:56:09 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2010/12/28 19:56:08 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2010/12/28 19:56:07 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2010/12/28 16:29:58 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Roaming\Apple Computer
[2010/12/28 16:29:58 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Local\Apple Computer
[2010/12/28 16:29:46 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2010/12/28 16:29:46 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2010/12/28 16:29:46 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2010/12/28 16:29:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010/12/28 16:29:24 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/12/28 16:29:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/12/28 16:29:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/12/28 16:29:23 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010/12/28 16:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010/12/28 16:09:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/12/28 16:08:57 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Local\Apple
[2010/12/28 16:08:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010/12/28 16:08:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/12/28 16:08:28 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/12/28 16:08:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010/12/28 16:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/12/28 16:08:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010/12/27 21:09:25 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Roaming\Malwarebytes
[2010/12/27 21:09:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/12/27 21:09:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/12/27 21:09:13 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/12/27 21:09:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/12/27 12:16:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2010/12/27 12:15:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2010/12/26 15:53:21 | 037,366,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2010/12/26 15:47:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2010/12/26 15:47:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2010/12/26 15:46:39 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2010/12/26 15:45:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2010/12/26 15:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2010/12/26 14:40:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\PIXZRTS
[2010/12/26 14:40:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\b52ba5
[2010/12/25 22:10:06 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Local\Microsoft Help
[2010/12/25 21:58:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010/12/25 21:58:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010/12/25 09:30:19 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2010/12/25 09:10:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010/12/25 09:10:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010/12/25 09:09:40 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Local\Adobe
[2010/12/24 23:32:49 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2010/12/24 23:32:48 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010/12/24 23:32:48 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010/12/24 23:32:46 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010/12/24 23:32:43 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2010/12/24 23:32:43 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2010/12/24 23:32:42 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2010/12/24 23:32:42 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2010/12/24 23:32:42 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2010/12/24 23:32:41 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2010/12/24 23:32:41 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2010/12/24 23:32:41 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2010/12/24 23:32:39 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010/12/24 23:32:38 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010/12/24 23:32:38 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010/12/24 23:32:37 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010/12/24 23:32:37 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010/12/24 23:32:21 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010/12/24 23:32:21 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010/12/24 23:32:19 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010/12/24 23:32:18 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010/12/24 23:32:18 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010/12/24 23:32:17 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010/12/24 23:32:17 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010/12/24 23:32:09 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/12/24 23:32:08 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010/12/24 23:32:08 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010/12/24 23:32:02 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010/12/24 23:31:59 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010/12/24 23:31:58 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/12/24 23:31:58 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/12/24 23:31:44 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2010/12/24 23:31:44 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2010/12/24 23:31:42 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/12/24 23:31:39 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010/12/24 23:31:37 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010/12/24 23:30:56 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010/12/24 23:30:35 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010/12/24 23:30:34 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010/12/24 23:30:34 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010/12/24 23:30:31 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010/12/24 23:30:30 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010/12/24 23:30:28 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010/12/24 23:30:27 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010/12/24 23:30:26 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2010/12/24 23:30:25 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010/12/24 23:30:17 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010/12/24 23:30:16 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010/12/24 23:30:15 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/12/24 23:30:15 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010/12/24 23:30:14 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/12/24 23:30:14 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/12/24 23:30:14 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010/12/24 23:30:14 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010/12/24 23:30:13 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010/12/24 23:30:13 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010/12/24 23:30:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/12/24 23:30:13 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010/12/24 23:30:13 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/12/24 23:30:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/12/23 19:09:56 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Local\Diagnostics
[2010/12/23 13:54:31 | 000,000,000 | ---D | C] -- C:\Users\Nikie\Documents\Downloads
[2010/12/23 13:23:41 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Roaming\Macromedia
[2010/12/23 12:05:35 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2010/12/23 12:02:25 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Roaming\Adobe
[2010/12/23 12:01:31 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Roaming\Google
[2010/12/23 12:01:30 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Local\Google
[2010/12/23 12:01:23 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Roaming\The TechGuys
[2010/12/23 12:01:20 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Roaming\Intel Corporation
[2010/12/23 12:00:59 | 000,000,000 | R--D | C] -- C:\Users\Nikie\Searches
[2010/12/23 12:00:59 | 000,000,000 | -H-D | C] -- C:\Users\Nikie\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010/12/23 12:00:53 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Roaming\Identities
[2010/12/23 12:00:50 | 000,000,000 | R--D | C] -- C:\Users\Nikie\Contacts
[2010/12/23 12:00:48 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Local\VirtualStore
[2010/12/23 12:00:39 | 000,000,000 | --SD | C] -- C:\Users\Nikie\AppData\Roaming\Microsoft
[2010/12/23 12:00:39 | 000,000,000 | R--D | C] -- C:\Users\Nikie\Videos
[2010/12/23 12:00:39 | 000,000,000 | R--D | C] -- C:\Users\Nikie\Saved Games
[2010/12/23 12:00:39 | 000,000,000 | R--D | C] -- C:\Users\Nikie\Pictures
[2010/12/23 12:00:39 | 000,000,000 | R--D | C] -- C:\Users\Nikie\Music
[2010/12/23 12:00:39 | 000,000,000 | R--D | C] -- C:\Users\Nikie\Links
[2010/12/23 12:00:39 | 000,000,000 | R--D | C] -- C:\Users\Nikie\Favorites
[2010/12/23 12:00:39 | 000,000,000 | R--D | C] -- C:\Users\Nikie\Downloads
[2010/12/23 12:00:39 | 000,000,000 | R--D | C] -- C:\Users\Nikie\My Documents
[2010/12/23 12:00:39 | 000,000,000 | R--D | C] -- C:\Users\Nikie\Desktop
[2010/12/23 12:00:39 | 000,000,000 | -HSD | C] -- C:\Users\Nikie\AppData\Local\Temporary Internet Files
[2010/12/23 12:00:39 | 000,000,000 | -HSD | C] -- C:\Users\Nikie\Templates
[2010/12/23 12:00:39 | 000,000,000 | -HSD | C] -- C:\Users\Nikie\Start Menu
[2010/12/23 12:00:39 | 000,000,000 | -HSD | C] -- C:\Users\Nikie\SendTo
[2010/12/23 12:00:39 | 000,000,000 | -HSD | C] -- C:\Users\Nikie\Recent
[2010/12/23 12:00:39 | 000,000,000 | -HSD | C] -- C:\Users\Nikie\PrintHood
[2010/12/23 12:00:39 | 000,000,000 | -HSD | C] -- C:\Users\Nikie\NetHood
[2010/12/23 12:00:39 | 000,000,000 | -HSD | C] -- C:\Users\Nikie\Documents\My Videos
[2010/12/23 12:00:39 | 000,000,000 | -HSD | C] -- C:\Users\Nikie\Documents\My Pictures
[2010/12/23 12:00:39 | 000,000,000 | -HSD | C] -- C:\Users\Nikie\Documents\My Music
[2010/12/23 12:00:39 | 000,000,000 | -HSD | C] -- C:\Users\Nikie\My Documents
[2010/12/23 12:00:39 | 000,000,000 | -HSD | C] -- C:\Users\Nikie\Local Settings
[2010/12/23 12:00:39 | 000,000,000 | -HSD | C] -- C:\Users\Nikie\AppData\Local\History
[2010/12/23 12:00:39 | 000,000,000 | -HSD | C] -- C:\Users\Nikie\Cookies
[2010/12/23 12:00:39 | 000,000,000 | -HSD | C] -- C:\Users\Nikie\Application Data
[2010/12/23 12:00:39 | 000,000,000 | -HSD | C] -- C:\Users\Nikie\AppData\Local\Application Data
[2010/12/23 12:00:39 | 000,000,000 | -H-D | C] -- C:\Users\Nikie\AppData
[2010/12/23 12:00:39 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Local\Temp
[2010/12/23 12:00:39 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Local\Microsoft
[2010/12/23 12:00:39 | 000,000,000 | ---D | C] -- C:\Users\Nikie\AppData\Roaming\Media Center Programs
[2010/12/23 12:00:02 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/12/23 10:55:19 | 012,531,712 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idtcpl64.cpl
[2010/12/23 10:55:19 | 003,309,568 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2010/12/23 10:53:35 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/30 13:51:15 | 000,018,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/30 13:51:15 | 000,018,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/30 13:43:07 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/30 13:42:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/30 13:42:45 | 1583,222,784 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/29 13:23:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/28 20:04:03 | 000,000,020 | ---- | M] () -- C:\Windows\¸øN
[2010/12/28 16:29:53 | 000,001,790 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/12/27 21:24:47 | 000,002,198 | ---- | M] () -- C:\Windows\epplauncher.mif
[2010/12/27 12:16:02 | 000,787,064 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/27 12:16:02 | 000,653,748 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/12/27 12:16:02 | 000,121,580 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/12/26 15:47:14 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2010/12/26 15:47:14 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2010/12/26 15:34:32 | 000,002,686 | RHS- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010/12/26 09:00:54 | 000,343,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/12/25 09:23:35 | 000,787,276 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/12/23 12:01:24 | 000,001,448 | ---- | M] () -- C:\Users\Nikie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/12/23 10:59:14 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010/12/23 10:59:14 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/12/08 21:34:08 | 037,366,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/28 20:04:02 | 000,000,020 | ---- | C] () -- C:\Windows\¸øN
[2010/12/28 16:29:53 | 000,001,790 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/12/26 15:47:14 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2010/12/26 15:47:14 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2010/12/23 12:06:26 | 000,002,198 | ---- | C] () -- C:\Windows\epplauncher.mif
[2010/12/23 12:01:24 | 000,001,448 | ---- | C] () -- C:\Users\Nikie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/12/23 12:00:39 | 000,002,180 | ---- | C] () -- C:\Users\Nikie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/23 12:00:39 | 000,000,290 | ---- | C] () -- C:\Users\Nikie\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/12/23 12:00:39 | 000,000,272 | ---- | C] () -- C:\Users\Nikie\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/12/23 10:53:35 | 1583,222,784 | -HS- | C] () -- C:\hiberfil.sys
[2010/05/26 10:23:13 | 000,787,064 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 21:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

< End of report >

nupperton

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-12-27
Operating System : windows 7

View user profile

Back to top Go down

Re: Personal internet security 2011

Post by nupperton on Fri 31 Dec 2010, 1:20 am

when I ran OTL it did not crreate second report otl.extras

nupperton

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-12-27
Operating System : windows 7

View user profile

Back to top Go down

Re: Personal internet security 2011

Post by Belahzur on Fri 31 Dec 2010, 11:53 pm

Hello.

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    :commands
    [emptytemp]
    [resethosts]
    [reboot]


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Personal internet security 2011

Post by nupperton on Sat 01 Jan 2011, 4:18 am

brilliant now seems to be all working, thanks for your help

nupperton

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-12-27
Operating System : windows 7

View user profile

Back to top Go down

Re: Personal internet security 2011

Post by Belahzur on Sat 01 Jan 2011, 11:40 am

Please post the fix result.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Personal internet security 2011

Post by Sponsored content Today at 11:20 pm


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum