70 search engine removal

View previous topic View next topic Go down

70 search engine removal

Post by nukeone on 20th February 2011, 3:12 am

how do i remove a 70 search engine that loads with windows explorer No way!

nukeone
Beginner
Beginner

Posts Posts : 4
Joined Joined : 2011-02-15
OS OS : xp home
Points Points : 21288
# Likes # Likes : 0

View user profile

Back to top Go down

Re: 70 search engine removal

Post by Belahzur on 20th February 2011, 11:39 pm

Hello.

Download [You must be registered and logged in to see this link.] by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: 70 search engine removal

Post by nukeone on 21st February 2011, 8:34 pm

OTL logfile created on: 2/21/2011 3:26:09 PM - Run 2
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\DAD\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 40.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1824 3648 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 16.46 Gb Free Space | 44.18% Space Free | Partition Type: NTFS

Computer Name: TOSHIBA-USER | User Name: DAD | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/19 21:07:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAD\Desktop\OTL.exe
PRC - [2011/01/01 21:43:13 | 002,069,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2011/01/01 21:42:52 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2011/01/01 21:42:33 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2011/01/01 21:42:21 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/12/31 10:42:43 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/12/31 10:42:33 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2004/08/04 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/07/09 17:24:58 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe
PRC - [2004/07/07 18:16:24 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\acs.exe
PRC - [2004/06/16 18:44:06 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2004/05/13 16:46:02 | 000,053,248 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\SWUPDTMR.EXE
PRC - [2004/04/22 18:23:44 | 000,098,304 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004/03/03 14:57:36 | 000,278,528 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2004/03/03 14:57:12 | 000,045,056 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2004/03/02 15:45:28 | 000,135,168 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2004/02/03 16:47:06 | 001,089,589 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\Touch and Launch\PadExe.exe
PRC - [2003/10/20 11:37:58 | 000,475,136 | ---- | M] (TOSHIBA Corporation) -- C:\TOSHIBA\IVP\ISM\Ivpsvmgr.exe
PRC - [2003/09/05 05:24:46 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2003/05/23 15:38:26 | 000,106,496 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2003/03/14 13:38:12 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe


========== Modules (SafeList) ==========

MOD - [2011/02/19 21:07:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAD\Desktop\OTL.exe
MOD - [2004/08/04 07:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004/04/22 18:23:36 | 000,066,048 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/01/01 21:42:33 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/10/06 11:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2004/07/07 18:16:24 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2004/06/16 18:44:06 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/05/13 16:46:02 | 000,053,248 | ---- | M] () [Auto | Running] -- c:\TOSHIBA\IVP\swupdate\SWUPDTMR.EXE -- (Swupdtmr)
SRV - [2003/05/23 15:38:26 | 000,106,496 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


========== Driver Services (SafeList) ==========

DRV - [2010/12/31 10:42:44 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/12/31 10:42:42 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/12/31 10:42:34 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/11/27 17:38:31 | 000,015,890 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2004/12/22 19:45:36 | 000,393,600 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/04/22 18:18:48 | 000,182,688 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2004/04/14 16:52:22 | 000,005,632 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atiide.sys -- (atiide)
DRV - [2004/03/09 22:28:38 | 000,680,448 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/02/27 03:31:38 | 000,004,224 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD)
DRV - [2004/02/27 02:50:38 | 000,611,820 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/02/24 13:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2004/02/20 17:00:44 | 001,265,388 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/01/30 12:32:32 | 000,090,480 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2003/12/05 21:53:00 | 000,068,352 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023)
DRV - [2003/10/27 15:59:00 | 000,013,842 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atisgkaf.sys -- (caboagp)
DRV - [2003/10/22 22:15:02 | 000,067,024 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2003/10/22 22:15:02 | 000,024,698 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2003/06/11 10:53:22 | 000,006,867 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (TBiosDrv)
DRV - [2003/02/18 21:02:06 | 000,042,092 | ---- | M] (Texas Instruments Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tiumfwl.sys -- (tiumfwl)
DRV - [2003/01/29 16:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2002/12/10 18:13:22 | 000,007,552 | ---- | M] (Texas Instruments Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tiumflt.sys -- (DevUpper)
DRV - [2002/11/05 18:00:46 | 000,039,424 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [You must be registered and logged in to see this link.] [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: avg@igeared:6.010.006.004
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4d1cc1dc&v=6.010.006.004&i=23&tp=ab&iy=&ychte=us&lng=en-US&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2011/01/02 13:39:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2011/01/01 21:44:03 | 000,000,000 | ---D | M]

[2010/11/27 18:03:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Extensions
[2010/11/27 18:03:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\kltnimub.default\extensions
[2011/01/02 13:39:44 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG9\FIREFOX
[2011/01/01 21:44:03 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="6.010.006.004" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG9\TOOLBAR\FIREFOX\AVG@IGEARED
[2011/02/14 12:29:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

O1 HOSTS File: ([2011/02/05 22:46:37 | 000,429,726 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14795 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CFSServ.exe] File not found
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [Notebook Maximizer] C:\Program Files\Notebook Maximizer\maximizer_startup.exe ()
O4 - HKLM..\Run: [PadTouch] C:\Program Files\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA)
O4 - HKLM..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} [You must be registered and logged in to see this link.] (MUCatalogWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [You must be registered and logged in to see this link.] (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 184.16.33.54
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\WINDOWS\Toshiba.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Toshiba.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/12 16:16:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/20 00:35:03 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/02/20 00:35:03 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/02/20 00:35:03 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/02/19 21:54:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/02/19 21:07:47 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\DAD\Desktop\OTL.exe
[2011/02/15 06:22:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Application Data\Malwarebytes
[2011/02/15 06:22:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/15 06:22:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/02/15 06:21:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/02/15 06:21:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/02/15 06:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/02/15 05:21:52 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\utilman.exe
[2011/02/15 05:21:51 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osk.exe
[2011/02/15 05:21:51 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umandlg.dll
[2011/02/15 05:21:50 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\magnify.exe
[2011/02/15 05:21:50 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\narrator.exe
[2011/02/14 13:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Application Data\Uniblue
[2011/02/14 13:30:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Local Settings\Application Data\PackageAware
[2011/02/14 13:29:12 | 007,090,272 | ---- | C] (Uniblue Systems Ltd ) -- C:\Documents and Settings\DAD\My Documents\registrybooster.exe
[2011/02/14 12:46:32 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2011/02/14 12:46:32 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2011/02/14 12:46:32 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2011/02/14 12:46:32 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2011/02/14 12:46:32 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2011/02/14 12:46:32 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2011/02/14 12:46:31 | 000,000,000 | ---D | C] -- C:\7e6abd1d1f96d4195692ad4d1c2606
[2011/02/14 12:29:20 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/02/14 11:35:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Schwab
[2011/02/14 11:35:20 | 000,276,352 | ---- | C] (Xceed Software Inc (450) 442-2626 [You must be registered and logged in to see this link.] [You must be registered and logged in to see this link.] -- C:\WINDOWS\System32\XceedSco.dll
[2011/02/13 22:13:39 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011/02/13 22:11:20 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2011/02/13 21:42:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Performance
[2011/02/13 21:42:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Local Settings\Application Data\Microsoft Corporation
[2011/02/13 21:40:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
[2011/02/13 15:54:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Application Data\licenses
[2011/02/13 15:54:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Application Data\PCMM2009
[2011/02/13 15:53:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Application Data\PCMM2010
[2011/02/13 15:49:07 | 000,000,000 | ---D | C] -- C:\Program Files\PC MightyMax 2010
[2011/02/13 10:31:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/02/13 10:31:01 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/02/13 10:27:40 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\DAD\My Documents\SpybotSD_1.6.2.exe
[2011/02/13 09:35:56 | 000,102,400 | ---- | C] (ATI Technologies, Inc.) -- C:\Documents and Settings\DAD\My Documents\oemdspif.dll
[2011/02/13 00:31:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Local Settings\Application Data\AskToolbar
[2011/02/13 00:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2011/02/13 00:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced Registry Optimizer
[2011/02/12 21:22:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
[2011/02/12 21:21:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2011/02/11 09:41:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FreeFileOpener
[2011/02/11 09:41:15 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFileOpener
[2011/02/11 09:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\Schwab
[2011/02/09 17:28:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\My Documents\ATI Technologies, Inc - Video - ATI MOBILITY RADEON 7000 IGP
[2011/02/09 16:05:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011/02/09 16:05:12 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011/02/09 16:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011/02/09 15:58:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2011/02/09 14:28:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011/02/09 14:28:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
[2011/02/09 14:26:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2011/02/09 14:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar Installer
[2011/02/09 14:22:37 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Whiz
[2011/02/09 14:18:22 | 001,046,736 | ---- | C] (Driver Whiz ) -- C:\Documents and Settings\DAD\My Documents\Driverwhiz.exe
[2011/02/05 21:32:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/01/31 16:47:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
[2011/01/31 16:40:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\My Documents\My Notebook
[2011/01/24 13:09:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Local Settings\Application Data\Citrix
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/21 15:27:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011/02/21 15:01:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/02/21 14:47:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/21 14:47:00 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/21 10:34:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-686831806-47917544-941616000-1006UA.job
[2011/02/21 09:29:41 | 071,488,505 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011/02/21 09:23:32 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/02/21 09:23:21 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\DAD\Desktop\Notebook Maximizer.LNK
[2011/02/21 09:22:38 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-686831806-47917544-941616000-1006.job
[2011/02/21 09:22:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/21 09:21:58 | 1274,597,376 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/20 17:34:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-686831806-47917544-941616000-1006Core.job
[2011/02/20 00:36:01 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2011/02/19 21:30:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/02/19 21:07:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAD\Desktop\OTL.exe
[2011/02/19 20:26:00 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-686831806-47917544-941616000-1006.job
[2011/02/19 19:11:05 | 000,000,535 | ---- | M] () -- C:\Documents and Settings\DAD\Desktop\HOT MAIL.url
[2011/02/17 21:17:48 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/02/15 23:25:06 | 000,002,229 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/02/15 10:53:29 | 000,575,752 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/02/15 10:53:28 | 000,123,138 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/02/15 10:38:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/15 06:22:02 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/15 06:12:11 | 000,000,214 | ---- | M] () -- C:\Documents and Settings\DAD\Desktop\GEEK'S SQUAD.url
[2011/02/14 13:29:15 | 007,090,272 | ---- | M] (Uniblue Systems Ltd ) -- C:\Documents and Settings\DAD\My Documents\registrybooster.exe
[2011/02/14 13:14:36 | 000,144,424 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/14 11:35:27 | 000,000,828 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StreetSmart Pro Readme.lnk
[2011/02/14 11:35:24 | 000,000,553 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StreetSmart Pro.lnk
[2011/02/14 11:07:21 | 000,000,215 | ---- | M] () -- C:\Documents and Settings\DAD\Desktop\Charles Schwab Investment Services Including Online Investing.url
[2011/02/13 21:40:39 | 000,001,870 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Windows 7 Upgrade Advisor.lnk
[2011/02/13 10:52:08 | 000,000,959 | ---- | M] () -- C:\Documents and Settings\DAD\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/02/13 10:52:08 | 000,000,941 | ---- | M] () -- C:\Documents and Settings\DAD\Desktop\Spybot - Search & Destroy.lnk
[2011/02/13 10:27:41 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\DAD\My Documents\SpybotSD_1.6.2.exe
[2011/02/12 22:29:45 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/02/09 14:18:23 | 001,046,736 | ---- | M] (Driver Whiz ) -- C:\Documents and Settings\DAD\My Documents\Driverwhiz.exe
[2011/02/05 22:46:37 | 000,429,726 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/02/02 22:48:10 | 000,118,378 | ---- | M] () -- C:\Documents and Settings\DAD\My Documents\Untitled.mbw
[2011/02/02 21:40:39 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/02/02 21:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/02/02 21:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/02/02 21:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/02/02 19:19:39 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/02/02 17:11:20 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011/01/31 16:55:04 | 000,000,894 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
[2011/01/30 10:59:13 | 000,000,882 | ---- | M] () -- C:\WINDOWS\orun32.ini
[2011/01/24 13:09:07 | 000,103,784 | ---- | M] () -- C:\Documents and Settings\DAD\GoToAssistDownloadHelper.exe
[2011/01/22 23:03:52 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\DAD\My Documents\Securities-20110122-230312.xls
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/02/15 23:25:06 | 000,002,229 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/02/15 06:30:30 | 1274,597,376 | -HS- | C] () -- C:\hiberfil.sys
[2011/02/15 06:22:02 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/15 06:12:11 | 000,000,214 | ---- | C] () -- C:\Documents and Settings\DAD\Desktop\GEEK'S SQUAD.url
[2011/02/14 11:35:27 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\StreetSmart Pro Readme.lnk
[2011/02/14 11:35:24 | 000,000,553 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\StreetSmart Pro.lnk
[2011/02/13 22:11:21 | 000,000,963 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Defender.lnk
[2011/02/13 21:40:39 | 000,001,876 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
[2011/02/13 21:40:39 | 000,001,870 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Windows 7 Upgrade Advisor.lnk
[2011/02/13 10:31:44 | 000,000,959 | ---- | C] () -- C:\Documents and Settings\DAD\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/02/13 10:31:44 | 000,000,941 | ---- | C] () -- C:\Documents and Settings\DAD\Desktop\Spybot - Search & Destroy.lnk
[2011/02/13 00:18:45 | 000,000,230 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/02/12 22:29:40 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/02/12 21:44:28 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/02/12 17:29:25 | 000,000,970 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-686831806-47917544-941616000-1006UA.job
[2011/02/12 17:29:24 | 000,000,918 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-686831806-47917544-941616000-1006Core.job
[2011/02/08 10:43:53 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2011/02/08 10:43:53 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2011/01/24 13:09:06 | 000,103,784 | ---- | C] () -- C:\Documents and Settings\DAD\GoToAssistDownloadHelper.exe
[2011/01/22 23:03:51 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\DAD\My Documents\Securities-20110122-230312.xls
[2010/12/30 10:32:01 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2010/11/27 17:00:43 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010/11/27 17:00:04 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/08/12 17:23:42 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/08/12 17:23:42 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/08/12 17:23:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/08/12 17:23:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/08/12 17:23:42 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/08/12 17:23:42 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/08/12 17:15:40 | 000,000,894 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/08/12 17:06:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2004/08/12 17:00:21 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\MousePage.dll
[2004/08/12 17:00:21 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2004/08/12 16:52:30 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2004/08/12 16:51:23 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2004/08/12 16:51:23 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2004/08/12 16:51:23 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2004/08/12 16:51:23 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2004/08/12 16:47:47 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2004/08/12 16:47:44 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/08/12 16:43:33 | 000,006,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2004/08/12 16:31:47 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/08/12 16:27:20 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/12 16:12:25 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/12 15:40:26 | 000,000,384 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/12 15:33:59 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/12 09:07:31 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/03/09 22:27:06 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll

< End of report >

nukeone
Beginner
Beginner

Posts Posts : 4
Joined Joined : 2011-02-15
OS OS : xp home
Points Points : 21288
# Likes # Likes : 0

View user profile

Back to top Go down

Re: 70 search engine removal

Post by nukeone on 21st February 2011, 8:38 pm

OTL logfile created on: 2/21/2011 3:26:09 PM - Run 2
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\DAD\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 40.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1824 3648 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 16.46 Gb Free Space | 44.18% Space Free | Partition Type: NTFS

Computer Name: TOSHIBA-USER | User Name: DAD | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/19 21:07:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAD\Desktop\OTL.exe
PRC - [2011/01/01 21:43:13 | 002,069,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2011/01/01 21:42:52 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2011/01/01 21:42:33 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2011/01/01 21:42:21 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/12/31 10:42:43 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/12/31 10:42:33 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2004/08/04 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/07/09 17:24:58 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe
PRC - [2004/07/07 18:16:24 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\acs.exe
PRC - [2004/06/16 18:44:06 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2004/05/13 16:46:02 | 000,053,248 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\SWUPDTMR.EXE
PRC - [2004/04/22 18:23:44 | 000,098,304 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004/03/03 14:57:36 | 000,278,528 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2004/03/03 14:57:12 | 000,045,056 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2004/03/02 15:45:28 | 000,135,168 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2004/02/03 16:47:06 | 001,089,589 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\Touch and Launch\PadExe.exe
PRC - [2003/10/20 11:37:58 | 000,475,136 | ---- | M] (TOSHIBA Corporation) -- C:\TOSHIBA\IVP\ISM\Ivpsvmgr.exe
PRC - [2003/09/05 05:24:46 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2003/05/23 15:38:26 | 000,106,496 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2003/03/14 13:38:12 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe


========== Modules (SafeList) ==========

MOD - [2011/02/19 21:07:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAD\Desktop\OTL.exe
MOD - [2004/08/04 07:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004/04/22 18:23:36 | 000,066,048 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/01/01 21:42:33 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/10/06 11:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2004/07/07 18:16:24 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2004/06/16 18:44:06 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/05/13 16:46:02 | 000,053,248 | ---- | M] () [Auto | Running] -- c:\TOSHIBA\IVP\swupdate\SWUPDTMR.EXE -- (Swupdtmr)
SRV - [2003/05/23 15:38:26 | 000,106,496 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


========== Driver Services (SafeList) ==========

DRV - [2010/12/31 10:42:44 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/12/31 10:42:42 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/12/31 10:42:34 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/11/27 17:38:31 | 000,015,890 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2004/12/22 19:45:36 | 000,393,600 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/04/22 18:18:48 | 000,182,688 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2004/04/14 16:52:22 | 000,005,632 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atiide.sys -- (atiide)
DRV - [2004/03/09 22:28:38 | 000,680,448 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/02/27 03:31:38 | 000,004,224 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD)
DRV - [2004/02/27 02:50:38 | 000,611,820 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/02/24 13:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2004/02/20 17:00:44 | 001,265,388 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/01/30 12:32:32 | 000,090,480 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2003/12/05 21:53:00 | 000,068,352 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023)
DRV - [2003/10/27 15:59:00 | 000,013,842 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atisgkaf.sys -- (caboagp)
DRV - [2003/10/22 22:15:02 | 000,067,024 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2003/10/22 22:15:02 | 000,024,698 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2003/06/11 10:53:22 | 000,006,867 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (TBiosDrv)
DRV - [2003/02/18 21:02:06 | 000,042,092 | ---- | M] (Texas Instruments Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tiumfwl.sys -- (tiumfwl)
DRV - [2003/01/29 16:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2002/12/10 18:13:22 | 000,007,552 | ---- | M] (Texas Instruments Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tiumflt.sys -- (DevUpper)
DRV - [2002/11/05 18:00:46 | 000,039,424 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [You must be registered and logged in to see this link.] [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: avg@igeared:6.010.006.004
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4d1cc1dc&v=6.010.006.004&i=23&tp=ab&iy=&ychte=us&lng=en-US&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2011/01/02 13:39:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2011/01/01 21:44:03 | 000,000,000 | ---D | M]

[2010/11/27 18:03:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Extensions
[2010/11/27 18:03:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DAD\Application Data\Mozilla\Firefox\Profiles\kltnimub.default\extensions
[2011/01/02 13:39:44 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG9\FIREFOX
[2011/01/01 21:44:03 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="6.010.006.004" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG9\TOOLBAR\FIREFOX\AVG@IGEARED
[2011/02/14 12:29:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

O1 HOSTS File: ([2011/02/05 22:46:37 | 000,429,726 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14795 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CFSServ.exe] File not found
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [Notebook Maximizer] C:\Program Files\Notebook Maximizer\maximizer_startup.exe ()
O4 - HKLM..\Run: [PadTouch] C:\Program Files\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA)
O4 - HKLM..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} [You must be registered and logged in to see this link.] (MUCatalogWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [You must be registered and logged in to see this link.] (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 184.16.33.54
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\WINDOWS\Toshiba.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Toshiba.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/12 16:16:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/20 00:35:03 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/02/20 00:35:03 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/02/20 00:35:03 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/02/19 21:54:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/02/19 21:07:47 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\DAD\Desktop\OTL.exe
[2011/02/15 06:22:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Application Data\Malwarebytes
[2011/02/15 06:22:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/15 06:22:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/02/15 06:21:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/02/15 06:21:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/02/15 06:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/02/15 05:21:52 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\utilman.exe
[2011/02/15 05:21:51 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osk.exe
[2011/02/15 05:21:51 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umandlg.dll
[2011/02/15 05:21:50 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\magnify.exe
[2011/02/15 05:21:50 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\narrator.exe
[2011/02/14 13:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Application Data\Uniblue
[2011/02/14 13:30:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Local Settings\Application Data\PackageAware
[2011/02/14 13:29:12 | 007,090,272 | ---- | C] (Uniblue Systems Ltd ) -- C:\Documents and Settings\DAD\My Documents\registrybooster.exe
[2011/02/14 12:46:32 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2011/02/14 12:46:32 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2011/02/14 12:46:32 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2011/02/14 12:46:32 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2011/02/14 12:46:32 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2011/02/14 12:46:32 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2011/02/14 12:46:31 | 000,000,000 | ---D | C] -- C:\7e6abd1d1f96d4195692ad4d1c2606
[2011/02/14 12:29:20 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/02/14 11:35:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Schwab
[2011/02/14 11:35:20 | 000,276,352 | ---- | C] (Xceed Software Inc (450) 442-2626 [You must be registered and logged in to see this link.] [You must be registered and logged in to see this link.] -- C:\WINDOWS\System32\XceedSco.dll
[2011/02/13 22:13:39 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011/02/13 22:11:20 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2011/02/13 21:42:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Performance
[2011/02/13 21:42:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Local Settings\Application Data\Microsoft Corporation
[2011/02/13 21:40:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
[2011/02/13 15:54:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Application Data\licenses
[2011/02/13 15:54:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Application Data\PCMM2009
[2011/02/13 15:53:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Application Data\PCMM2010
[2011/02/13 15:49:07 | 000,000,000 | ---D | C] -- C:\Program Files\PC MightyMax 2010
[2011/02/13 10:31:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/02/13 10:31:01 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/02/13 10:27:40 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\DAD\My Documents\SpybotSD_1.6.2.exe
[2011/02/13 09:35:56 | 000,102,400 | ---- | C] (ATI Technologies, Inc.) -- C:\Documents and Settings\DAD\My Documents\oemdspif.dll
[2011/02/13 00:31:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Local Settings\Application Data\AskToolbar
[2011/02/13 00:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2011/02/13 00:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced Registry Optimizer
[2011/02/12 21:22:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
[2011/02/12 21:21:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2011/02/11 09:41:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FreeFileOpener
[2011/02/11 09:41:15 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFileOpener
[2011/02/11 09:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\Schwab
[2011/02/09 17:28:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\My Documents\ATI Technologies, Inc - Video - ATI MOBILITY RADEON 7000 IGP
[2011/02/09 16:05:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011/02/09 16:05:12 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011/02/09 16:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011/02/09 15:58:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2011/02/09 14:28:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011/02/09 14:28:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
[2011/02/09 14:26:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2011/02/09 14:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar Installer
[2011/02/09 14:22:37 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Whiz
[2011/02/09 14:18:22 | 001,046,736 | ---- | C] (Driver Whiz ) -- C:\Documents and Settings\DAD\My Documents\Driverwhiz.exe
[2011/02/05 21:32:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/01/31 16:47:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
[2011/01/31 16:40:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\My Documents\My Notebook
[2011/01/24 13:09:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAD\Local Settings\Application Data\Citrix
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/21 15:27:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011/02/21 15:01:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/02/21 14:47:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/21 14:47:00 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/21 10:34:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-686831806-47917544-941616000-1006UA.job
[2011/02/21 09:29:41 | 071,488,505 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011/02/21 09:23:32 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/02/21 09:23:21 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\DAD\Desktop\Notebook Maximizer.LNK
[2011/02/21 09:22:38 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-686831806-47917544-941616000-1006.job
[2011/02/21 09:22:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/21 09:21:58 | 1274,597,376 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/20 17:34:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-686831806-47917544-941616000-1006Core.job
[2011/02/20 00:36:01 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2011/02/19 21:30:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/02/19 21:07:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAD\Desktop\OTL.exe
[2011/02/19 20:26:00 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-686831806-47917544-941616000-1006.job
[2011/02/19 19:11:05 | 000,000,535 | ---- | M] () -- C:\Documents and Settings\DAD\Desktop\HOT MAIL.url
[2011/02/17 21:17:48 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/02/15 23:25:06 | 000,002,229 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/02/15 10:53:29 | 000,575,752 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/02/15 10:53:28 | 000,123,138 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/02/15 10:38:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/15 06:22:02 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/15 06:12:11 | 000,000,214 | ---- | M] () -- C:\Documents and Settings\DAD\Desktop\GEEK'S SQUAD.url
[2011/02/14 13:29:15 | 007,090,272 | ---- | M] (Uniblue Systems Ltd ) -- C:\Documents and Settings\DAD\My Documents\registrybooster.exe
[2011/02/14 13:14:36 | 000,144,424 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/14 11:35:27 | 000,000,828 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StreetSmart Pro Readme.lnk
[2011/02/14 11:35:24 | 000,000,553 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StreetSmart Pro.lnk
[2011/02/14 11:07:21 | 000,000,215 | ---- | M] () -- C:\Documents and Settings\DAD\Desktop\Charles Schwab Investment Services Including Online Investing.url
[2011/02/13 21:40:39 | 000,001,870 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Windows 7 Upgrade Advisor.lnk
[2011/02/13 10:52:08 | 000,000,959 | ---- | M] () -- C:\Documents and Settings\DAD\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/02/13 10:52:08 | 000,000,941 | ---- | M] () -- C:\Documents and Settings\DAD\Desktop\Spybot - Search & Destroy.lnk
[2011/02/13 10:27:41 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\DAD\My Documents\SpybotSD_1.6.2.exe
[2011/02/12 22:29:45 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/02/09 14:18:23 | 001,046,736 | ---- | M] (Driver Whiz ) -- C:\Documents and Settings\DAD\My Documents\Driverwhiz.exe
[2011/02/05 22:46:37 | 000,429,726 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/02/02 22:48:10 | 000,118,378 | ---- | M] () -- C:\Documents and Settings\DAD\My Documents\Untitled.mbw
[2011/02/02 21:40:39 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/02/02 21:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/02/02 21:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/02/02 21:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/02/02 19:19:39 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/02/02 17:11:20 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011/01/31 16:55:04 | 000,000,894 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
[2011/01/30 10:59:13 | 000,000,882 | ---- | M] () -- C:\WINDOWS\orun32.ini
[2011/01/24 13:09:07 | 000,103,784 | ---- | M] () -- C:\Documents and Settings\DAD\GoToAssistDownloadHelper.exe
[2011/01/22 23:03:52 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\DAD\My Documents\Securities-20110122-230312.xls
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/02/15 23:25:06 | 000,002,229 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/02/15 06:30:30 | 1274,597,376 | -HS- | C] () -- C:\hiberfil.sys
[2011/02/15 06:22:02 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/15 06:12:11 | 000,000,214 | ---- | C] () -- C:\Documents and Settings\DAD\Desktop\GEEK'S SQUAD.url
[2011/02/14 11:35:27 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\StreetSmart Pro Readme.lnk
[2011/02/14 11:35:24 | 000,000,553 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\StreetSmart Pro.lnk
[2011/02/13 22:11:21 | 000,000,963 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Defender.lnk
[2011/02/13 21:40:39 | 000,001,876 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
[2011/02/13 21:40:39 | 000,001,870 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Windows 7 Upgrade Advisor.lnk
[2011/02/13 10:31:44 | 000,000,959 | ---- | C] () -- C:\Documents and Settings\DAD\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/02/13 10:31:44 | 000,000,941 | ---- | C] () -- C:\Documents and Settings\DAD\Desktop\Spybot - Search & Destroy.lnk
[2011/02/13 00:18:45 | 000,000,230 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/02/12 22:29:40 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/02/12 21:44:28 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/02/12 17:29:25 | 000,000,970 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-686831806-47917544-941616000-1006UA.job
[2011/02/12 17:29:24 | 000,000,918 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-686831806-47917544-941616000-1006Core.job
[2011/02/08 10:43:53 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2011/02/08 10:43:53 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2011/01/24 13:09:06 | 000,103,784 | ---- | C] () -- C:\Documents and Settings\DAD\GoToAssistDownloadHelper.exe
[2011/01/22 23:03:51 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\DAD\My Documents\Securities-20110122-230312.xls
[2010/12/30 10:32:01 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2010/11/27 17:00:43 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010/11/27 17:00:04 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/08/12 17:23:42 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/08/12 17:23:42 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/08/12 17:23:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/08/12 17:23:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/08/12 17:23:42 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/08/12 17:23:42 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/08/12 17:15:40 | 000,000,894 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/08/12 17:06:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2004/08/12 17:00:21 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\MousePage.dll
[2004/08/12 17:00:21 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2004/08/12 16:52:30 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2004/08/12 16:51:23 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2004/08/12 16:51:23 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2004/08/12 16:51:23 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2004/08/12 16:51:23 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2004/08/12 16:47:47 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2004/08/12 16:47:44 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/08/12 16:43:33 | 000,006,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2004/08/12 16:31:47 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/08/12 16:27:20 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/12 16:12:25 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/12 15:40:26 | 000,000,384 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/12 15:33:59 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/12 09:07:31 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/03/09 22:27:06 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll

< End of report >

nukeone
Beginner
Beginner

Posts Posts : 4
Joined Joined : 2011-02-15
OS OS : xp home
Points Points : 21288
# Likes # Likes : 0

View user profile

Back to top Go down

Re: 70 search engine removal

Post by Belahzur on 22nd February 2011, 1:29 am

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: 70 search engine

Post by nukeone on 22nd February 2011, 2:59 pm

heMalwarebytes' Anti-Malware 1.50.1.1100
[You must be registered and logged in to see this link.]

Database version: 5839

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

2/22/2011 9:50:37 AM
mbam-log-2011-02-22 (09-50-37).txt

Scan type: Quick scan
Objects scanned: 142626
Time elapsed: 15 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
re is the results of my scan: as you can see 70 search engine is not affected. is there anything else i can try?

nukeone
Beginner
Beginner

Posts Posts : 4
Joined Joined : 2011-02-15
OS OS : xp home
Points Points : 21288
# Likes # Likes : 0

View user profile

Back to top Go down

Re: 70 search engine removal

Post by Belahzur on 23rd February 2011, 1:22 am

Hello.

  • Download combofix from here
    [You must be registered and logged in to see this link.]

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum