Author Topic: Computer Completely infected. (Read 1434 times)

___ · « **on:** August 26, 2009, 03:11:47 PM »

Not sure what exactly I downloaded, however I believe there was an infection in a old memory stick of mine...
Well first off it started with the rogue Windows Antivirus Pro, which I think I was able to remove, however now there is Advanced Virus remover 09...

I've run MalewareBytes, AVG, CC Cleaner, you name it, I've run it...
Yet, I still can't seem to get rid of the virus. Each scan, it finds and removes viruses, yet they still come back?

If needed, I can post some of the logs from MB?

Thanks, again...

Garrett

guestolo · « **Reply #1 on:** August 26, 2009, 03:35:39 PM »

Quote

If needed, I can post some of the logs from MB?

Yes, post the last couple of logs you ran

In addition:
Download [color=\"#FF0000\"]OTL.exe[/color][/url] by OldTimer to your Desktop.

Close all windows and double click OTL.exe.
Click Run Scan and let the program run uninterrupted.
It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
You may need to use two posts to get it all.

___ · « **Reply #2 on:** August 26, 2009, 09:16:12 PM »

Here are the MB logs, doing OTL in a sec, will post back in a minute.

___ · « **Reply #3 on:** August 26, 2009, 09:19:41 PM »

OTL.TxtOTL logfile created on: 8/26/2009 9:19:17 PM - Run 1OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Garrett A\DesktopWindows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.99 Gb Total Physical Memory | 1.17 Gb Available Physical Memory | 58.64% Memory free3.84 Gb Paging File | 3.14 Gb Available in Paging File | 81.91% Paging File freePaging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 105.92 Gb Total Space | 69.30 Gb Free Space | 65.43% Space Free | Partition Type: NTFSD: Drive not present or media not loadedE: Drive not present or media not loadedF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loaded Computer Name: GARRETTCurrent User Name: Garrett ALogged in as Administrator. Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard ========== Processes (SafeList) ========== PRC - [2007/12/11 13:22:36 | 00,024,064 | ---- | M] () -- C:\WINDOWS\System32\WLTRYSVC.EXEPRC - [2007/12/11 13:22:12 | 01,921,024 | ---- | M] (Dell Inc.) -- C:\WINDOWS\System32\bcmwltry.exePRC - [2009/08/23 23:07:18 | 00,163,840 | ---- | M] () -- C:\WINDOWS\svchast.exePRC - [2009/08/17 04:33:44 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exePRC - [2009/05/21 11:34:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exePRC - [2008/03/19 14:26:38 | 00,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\System32\STacSV.exePRC - [2009/08/17 04:38:00 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exePRC - [2009/08/17 04:35:19 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exePRC - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exePRC - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exePRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.exePRC - [2009/04/10 08:35:48 | 00,615,936 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exePRC - [2008/03/19 14:30:08 | 00,167,936 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exePRC - [2007/12/11 13:22:36 | 02,183,168 | ---- | M] (Dell Inc.) -- C:\WINDOWS\System32\WLTRAY.exePRC - [2008/03/19 14:26:42 | 00,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exePRC - [2007/10/29 16:33:08 | 00,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exePRC - [2008/11/20 14:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exePRC - [2009/08/17 04:34:31 | 02,007,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exePRC - [2007/08/24 08:00:48 | 00,033,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exePRC - [2008/03/19 14:30:06 | 00,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exePRC - [2009/05/21 11:34:07 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exePRC - [2008/03/19 14:34:56 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\hkcmd.exePRC - [2008/03/19 14:34:58 | 00,137,752 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxpers.exePRC - [2007/12/21 10:58:06 | 00,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exePRC - [2008/03/19 14:30:12 | 00,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\HidFind.exePRC - [2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exePRC - [2008/03/19 14:35:08 | 00,252,440 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.exePRC - [2008/03/19 14:30:06 | 00,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apntex.exePRC - [2006/11/03 18:02:14 | 00,050,688 | ---- | M] (Avanquest Software ) -- C:\Program Files\Digital Line Detect\DLG.exePRC - [2009/06/29 23:39:16 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exePRC - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exePRC - [2009/02/06 17:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exePRC - [2009/08/11 17:28:58 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exePRC - [2009/08/26 21:13:33 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Garrett A\Desktop\OTL.exe ========== Win32 Services (SafeList) ========== SRV - [2009/08/23 23:07:18 | 00,163,840 | ---- | M] () -- C:\WINDOWS\svchast.exe -- (AntipPro2009_100 [Auto | Running])SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])SRV - [2009/08/17 04:33:44 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])SRV - [2009/06/09 15:18:04 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])SRV - [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])SRV - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])SRV - [2009/05/21 11:34:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])SRV - [2007/08/24 07:59:20 | 00,068,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])SRV - [2007/08/24 04:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])SRV - [2006/10/26 15:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])SRV - [2008/03/19 14:26:38 | 00,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\System32\STacSV.exe -- (STacSV [Auto | Running])SRV - [2008/03/24 07:35:22 | 00,074,384 | R--- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr [On_Demand | Stopped])SRV - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Running])SRV - [2007/12/11 13:22:36 | 00,024,064 | ---- | M] () -- C:\WINDOWS\System32\WLTRYSVC.EXE -- (wltrysvc [Auto | Running])SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Auto | Running]) ========== Driver Services (SafeList) ========== DRV - [2008/08/14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs [Auto | Running])DRV - [2001/08/17 13:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Disabled | Stopped])DRV - [2008/04/13 13:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Disabled | Stopped])DRV - [2008/03/19 14:30:06 | 00,164,400 | ---- | M] (Alps Electric Co., Ltd.) -- C:\WINDOWS\System32\DRIVERS\Apfiltr.sys -- (ApfiltrService [On_Demand | Running])DRV - [2005/08/12 16:50:46 | 00,016,128 | ---- | M] (Dell Inc) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV [System | Running])DRV - [2001/08/17 13:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Disabled | Stopped])DRV - [2001/08/17 13:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Disabled | Stopped])DRV - [2009/08/17 04:37:57 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running])DRV - [2009/08/17 04:37:58 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])DRV - [2009/05/08 08:51:51 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])DRV - [2007/12/11 13:22:24 | 01,123,328 | ---- | M] (Broadcom Corp.) -- C:\WINDOWS\System32\DRIVERS\bcmwl5.sys -- (BCM43XX [On_Demand | Running])DRV - [2001/08/17 13:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Disabled | Stopped])DRV - [2001/08/17 13:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Disabled | Stopped])DRV - [2001/08/17 12:12:10 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Stopped])DRV - [2008/04/17 14:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])DRV - [2009/05/29 06:14:53 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Running])DRV - [2008/04/13 11:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])DRV - [2007/12/02 18:26:20 | 00,211,200 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running])DRV - [2007/12/02 18:26:22 | 00,989,952 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running])DRV - [2008/03/19 14:35:12 | 05,776,928 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\igxpmp32.sys -- (ialm [On_Demand | Running])DRV - [2008/03/24 14:36:14 | 00,305,176 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor [Boot | Running])DRV - File not found -- Service key not found. -- (idetwwjo [Unknown | Running])DRV - [2008/01/02 16:48:28 | 02,016,256 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\igdkmd32.sys -- (igfx [On_Demand | Stopped])DRV - [2008/09/22 06:40:46 | 00,109,568 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService [On_Demand | Running])DRV - [2007/12/02 18:26:28 | 00,012,672 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])DRV - [2001/08/17 13:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Disabled | Stopped])DRV - [2009/05/09 01:14:20 | 00,014,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\NuidFltr.sys -- (NuidFltr [On_Demand | Running])DRV - [2004/08/03 22:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Stopped])DRV - [2004/08/04 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])DRV - [2007/11/14 03:00:00 | 00,043,840 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])DRV - [2001/08/17 13:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Disabled | Stopped])DRV - [2001/08/17 13:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Disabled | Stopped])DRV - [2001/08/17 13:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Disabled | Stopped])DRV - File not found -- Service key not found. -- (qmvxky [Unknown | Running])DRV - [2008/03/19 14:36:22 | 00,039,936 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])DRV - [2008/03/19 14:36:20 | 00,042,496 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])DRV - [2008/03/19 14:36:24 | 00,037,376 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])DRV - [2008/04/13 13:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Disabled | Stopped])DRV - [2001/08/17 14:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Disabled | Stopped])DRV - [2008/03/19 14:26:40 | 01,222,840 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\System32\drivers\sthda.sys -- (STHDA [On_Demand | Running])DRV - [2001/08/17 14:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Disabled | Stopped])DRV - [2001/08/17 14:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Disabled | Stopped])DRV - [2001/08/17 14:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Disabled | Stopped])DRV - [2001/08/17 14:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Disabled | Stopped])DRV - [2001/08/17 13:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Disabled | Stopped])DRV - [2007/12/02 18:26:20 | 00,731,136 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])DRV - [2008/03/19 14:47:32 | 00,265,856 | ---- | M] (Marvell) -- C:\WINDOWS\System32\DRIVERS\yk51x86.sys -- (yukonwxp [On_Demand | Running])DRV - [2007/10/29 16:44:12 | 00,039,408 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\000.fcl -- ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} [Auto | Running]) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-onsIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRiskIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearchIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/homeIE - URLSearchHook: *{00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not foundIE - URLSearchHook: *{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - Reg Error: Key error. File not foundIE - URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not foundIE - URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo"FF - prefs.js..browser.search.order.1: "Yahoo"FF - prefs.js..browser.search.order.2: ""FF - prefs.js..browser.search.selectedEngine: "Google"FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/home.php"FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1FF - prefs.js..extensions.enabledItems: [email protected]:1.11.1FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:2.7.6.0623FF - prefs.js..extensions.enabledItems: [email protected]:1.4.2FF - prefs.js..extensions.enabledItems: [email protected]:3.1.9.0FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.2FF - prefs.js..extensions.enabledItems: {002349F5-59AB-4fdc-8329-BF4248243C95}:0.6.8FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14FF - prefs.js..extensions.enabledItems: [email protected]:1.0FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0FF - prefs.js..extensions.enabledItems: [email protected]:2.1.2FF - prefs.js..extensions.enabledItems: {C31C0925-9639-42FC-B0F4-D6D40C4DA7B0}:1.0FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.13FF - prefs.js..extensions.enabledItems: [email protected]:3.1.0FF - prefs.js..extensions.enabledItems: [email protected]:3.1.9.0 FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/06/25 09:18:20 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/03/02 18:30:52 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2009/06/25 09:17:36 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/12 03:05:36 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Firefox\extensions\\{C31C0925-9639-42FC-B0F4-D6D40C4DA7B0}: C:\Documents and Settings\Garrett A\Local Settings\Application Data\{C31C0925-9639-42FC-B0F4-D6D40C4DA7B0}\ [2009/08/26 15:07:05 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/08/22 11:59:59 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/08/22 09:40:39 | 00,000,000 | ---D | M] [2008/12/25 09:40:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Garrett A\Application Data\mozilla\Extensions[2008/12/25 09:40:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Garrett A\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[2009/08/26 16:39:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Garrett A\Application Data\mozilla\Firefox\Profiles\ztpaepyc.default\extensions[2009/08/19 16:58:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Garrett A\Application Data\mozilla\Firefox\Profiles\ztpaepyc.default\extensions\{002349F5-59AB-4fdc-8329-BF4248243C95}[2009/08/16 20:41:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Garrett A\Application Data\mozilla\Firefox\Profiles\ztpaepyc.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}[2009/08/16 20:29:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Garrett A\Application Data\mozilla\Firefox\Profiles\ztpaepyc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}[2009/08/16 20:29:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Garrett A\Application Data\mozilla\Firefox\Profiles\ztpaepyc.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}[2009/08/16 20:29:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Garrett A\Application Data\mozilla\Firefox\Profiles\ztpaepyc.default\extensions\[email protected][2009/08/19 16:51:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Garrett A\Application Data\mozilla\Firefox\Profiles\ztpaepyc.default\extensions\[email protected][2009/08/19 16:56:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Garrett A\Application Data\mozilla\Firefox\Profiles\ztpaepyc.default\extensions\[email protected][2009/08/19 16:55:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Garrett A\Application Data\mozilla\Firefox\Profiles\ztpaepyc.default\extensions\[email protected][2009/08/19 12:55:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Garrett A\Application Data\mozilla\Firefox\Profiles\ztpaepyc.default\extensions\[email protected][2009/08/16 20:29:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Garrett A\Application Data\mozilla\Firefox\Profiles\ztpaepyc.default\extensions\[email protected][2009/08/26 18:55:49 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions[2009/08/11 17:29:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}[2008/12/25 11:19:10 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}[2009/03/02 18:31:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}[2009/04/14 17:06:26 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}[2009/06/11 07:05:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}[2009/08/11 17:28:58 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll[2009/08/11 17:28:58 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll[2009/05/21 11:33:58 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll[2009/08/22 09:40:36 | 00,024,684 | ---- | M] (MyWebSearch.com) -- C:\Program Files\mozilla firefox\plugins\NPMyWebS.dll[2009/08/11 17:28:58 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll[2006/10/26 21:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL[2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll[2008/12/25 10:44:24 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll[2008/12/25 10:44:24 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll[2008/12/25 10:44:24 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll[2008/12/25 10:44:24 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll[2008/12/25 10:44:24 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll[2008/12/25 10:44:24 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll[2008/12/25 10:44:24 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll[2007/04/16 12:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll[2009/06/17 21:20:11 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml[2009/06/17 21:20:11 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml[2009/06/25 22:29:11 | 00,001,489 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml[2009/06/17 21:20:11 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml[2009/06/17 21:20:11 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml[2009/06/17 21:20:11 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml[2009/06/17 21:20:11 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml[2009/08/15 01:05:16 | 00,000,861 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml[2009/08/15 01:06:39 | 00,002,381 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zwangi121.xml O1 HOSTS File: (610662 bytes) - C:\WINDOWS\System32\drivers\etc\HostsO1 - Hosts: 127.0.0.1 localhostO1 - Hosts: 127.0.0.1 fr.a2dfp.netO1 - Hosts: 127.0.0.1 m.fr.a2dfp.netO1 - Hosts: 127.0.0.1 ad.a8.netO1 - Hosts: 127.0.0.1 asy.a8ww.netO1 - Hosts: 127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]O1 - Hosts: 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]O1 - Hosts: 127.0.0.1 phpadsnew.abac.comO1 - Hosts: 127.0.0.1 a.abnad.netO1 - Hosts: 127.0.0.1 b.abnad.netO1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]O1 - Hosts: 127.0.0.1 d.abnad.netO1 - Hosts: 127.0.0.1 e.abnad.netO1 - Hosts: 127.0.0.1 t.abnad.netO1 - Hosts: 127.0.0.1 z.abnad.netO1 - Hosts: 127.0.0.1 banners.absolpublisher.comO1 - Hosts: 127.0.0.1 tracking.absolstats.comO1 - Hosts: 127.0.0.1 adv.abv.bgO1 - Hosts: 127.0.0.1 bimg.abv.bgO1 - Hosts: 127.0.0.1 www2.a-counter.kiev.uaO1 - Hosts: 127.0.0.1 track.acclaimnetwork.comO1 - Hosts: 127.0.0.1 accuserveadsystem.comO1 - Hosts: 127.0.0.1 www.accuserveadsystem.comO1 - Hosts: 127.0.0.1 gtb5.acecounter.comO1 - Hosts: 127.0.0.1 gtb19.acecounter.comO1 - Hosts: 16307 more lines...O2 - BHO: (no name) - {BF56A325-23F2-42AD-F4E4-00AAC39CAA53} - No CLSID value found.O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - No CLSID value found.O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\System32\WLTRAY.exe (Dell Inc.)O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)O4 - HKCU..\Run: [AdobeBridge] File not foundO4 - HKCU..\Run: [Aim6] File not foundO4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Garrett A\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )O4 - Startup: C:\Documents and Settings\Garrett A\Start Menu\Programs\Startup\jusched.jar ()O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0O8 - Extra context menu item: &Search - Reg Error: Value error. File not foundO8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} http://appdirectory.messenger.msn.com/AppD...ap/PhtPkMSN.cab (PhotoPickConvert Class)O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (MessengerStatsClient Class)O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ipp - No CLSID value foundO18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)O18 - Protocol\Handler\msdaipp - No CLSID value foundO18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)O18 - Protocol\Filter: - application/octet-stream - File not foundO18 - Protocol\Filter: - application/x-complus - File not foundO18 - Protocol\Filter: - application/x-msdownload - File not foundO18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not foundO20 - HKLM Winlogon: Shell - (logon.exe) - File not foundO20 - HKLM Winlogon: UIHost - (logonui.exe) - File not foundO20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not foundO20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - File not foundO20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - File not foundO20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - File not foundO20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - File not foundO20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not foundO20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not foundO20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not foundO20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - File not foundO20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not foundO20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - File not foundO20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not foundO24 - Desktop Components:0 (My Current Home Page) - About:HomeO28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - File not foundO28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)O29 - HKLM SecurityProviders - (msapsspc.dll) - File not foundO29 - HKLM SecurityProviders - (schannel.dll) - File not foundO29 - HKLM SecurityProviders - (digest.dll) - File not foundO29 - HKLM SecurityProviders - (msnsspc.dll) - File not foundO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2004/08/10 13:04:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O33 - MountPoints2\{a7283796-485e-11de-bfdc-001fe11b9ffe}\Shell - "" = AutorunO33 - MountPoints2\{a7283796-485e-11de-bfdc-001fe11b9ffe}\Shell\AutoRun - "" = Auto&PlayO33 - MountPoints2\{a7283796-485e-11de-bfdc-001fe11b9ffe}\Shell\open\command - "" = E:\unlock.exe -- File not foundO33 - MountPoints2\{dd98b566-084e-11de-bfb7-001fe11b9ffe}\Shell\AutoRun\command - "" = E:\setupSNK.exe -- File not foundO34 - HKLM BootExecute: (autocheck) - File not foundO34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)O34 - HKLM BootExecute: (*) - File not found ========== Files/Folders - Created Within 30 Days ========== [1 C:\WINDOWS\System32\*.tmp files][2009/08/26 21:13:33 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Garrett A\Desktop\OTL.exe[2009/08/26 15:09:44 | 00,000,120 | ---- | C] () -- C:\WINDOWS\Wsiwahigafeku.dat[2009/08/26 15:07:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\{C31C0925-9639-42FC-B0F4-D6D40C4DA7B0}[2009/08/26 07:06:55 | 00,000,000 | ---D | C] -- C:\Program Files\AdvancedVirusRemover[2009/08/26 02:55:19 | 00,020,992 | ---- | C] () -- C:\WINDOWS\System32\winhelper.dll[2009/08/26 02:55:14 | 00,000,252 | -H-- | C] () -- C:\WINDOWS\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job[2009/08/25 10:29:26 | 00,040,448 | ---- | C] (EuroGroup) -- C:\WINDOWS\System32\systran.dll[2009/08/25 10:29:26 | 00,003,460 | ---- | C] () -- C:\WINDOWS\System32\kjnd[2009/08/24 15:41:50 | 00,000,004 | ---- | C] () -- C:\WINDOWS\System32\bincd32.dat[2009/08/24 02:05:03 | 00,008,550 | ---- | C] () -- C:\WINDOWS\System32\wispex.html[2009/08/24 02:05:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\images[2009/08/23 23:20:19 | 00,001,382 | ---- | C] () -- C:\WINDOWS\System32\onhelp.htm[2009/08/23 23:07:25 | 00,000,036 | ---- | C] () -- C:\WINDOWS\System32\sysnet.dat[2009/08/23 23:07:18 | 00,492,032 | ---- | C] (ASC - AntiSpyware) -- C:\WINDOWS\System32\dddesot.dll[2009/08/23 23:07:18 | 00,390,144 | ---- | C] () -- C:\WINDOWS\System32\desot.exe[2009/08/23 23:07:18 | 00,163,840 | ---- | C] () -- C:\WINDOWS\svchast.exe[2009/08/23 23:07:18 | 00,000,091 | ---- | C] () -- C:\WINDOWS\System32\sonhelp.htm[2009/08/23 23:07:18 | 00,000,064 | ---- | C] () -- C:\WINDOWS\ppp4.dat[2009/08/23 23:07:18 | 00,000,009 | ---- | C] () -- C:\WINDOWS\System32\bennuar.old[2009/08/23 23:07:18 | 00,000,001 | ---- | C] () -- C:\WINDOWS\ppp3.dat[2009/08/23 23:00:53 | 00,000,000 | ---D | C] -- C:\spoolerlogs[2009/08/23 20:15:52 | 00,012,904 | ---- | C] () -- C:\Documents and Settings\Garrett A\Desktop\Author Research.docx[2009/08/20 18:41:07 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Garrett A\Desktop\~$ent Staples.docx[2009/08/19 12:55:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\Cooliris[2009/08/17 15:56:03 | 06,291,456 | -H-- | C] () -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\IconCache.db[2009/08/16 03:00:14 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2[2009/08/15 01:28:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\Powercinema[2009/08/15 01:25:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MediaDirect[2009/08/15 01:23:51 | 00,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll[2009/08/15 01:09:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Winferno[2009/08/15 01:06:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\Internet Saving Optimizer[2009/08/15 01:04:28 | 00,516,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CapiCom.dll[2009/08/15 01:04:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\Media Access Startup[2009/08/15 01:03:20 | 00,000,000 | ---D | C] -- C:\Program Files\DoubleD[2009/08/15 01:03:00 | 00,000,000 | ---D | C] -- C:\Program Files\Conduit[2009/08/15 01:03:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\Conduit[2009/08/15 01:02:56 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\~0[2009/08/15 01:02:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\DoubleD[2009/08/12 09:13:45 | 01,089,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat[2009/08/12 09:13:25 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx[2009/08/12 09:13:03 | 01,315,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll[2009/08/12 03:04:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer[2009/08/12 03:04:42 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies[2009/08/12 03:04:25 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll[2009/08/12 03:04:25 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll[2009/08/12 03:04:25 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe[2009/08/12 03:04:25 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll[2009/08/12 03:04:25 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll[2009/08/12 03:04:25 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll[2009/08/12 03:04:25 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll[2009/08/12 03:04:25 | 00,000,000 | ---D | C] -- C:\0d06993c3bb510436d8701b46494[2009/08/11 20:49:44 | 00,010,363 | ---- | C] () -- C:\Documents and Settings\Garrett A\Desktop\quotes.docx[2009/08/11 20:49:30 | 00,014,174 | ---- | C] () -- C:\Documents and Settings\Garrett A\Desktop\Brent Staples.docx[2009/08/11 17:47:36 | 00,017,839 | ---- | C] () -- C:\Documents and Settings\Garrett A\Desktop\quotesss.docx[2009/08/11 17:33:07 | 00,059,623 | ---- | C] () -- C:\Documents and Settings\Garrett A\Desktop\English shiiit.docx[2009/08/05 04:01:48 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll[2009/07/22 02:44:32 | 00,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll[2009/07/22 02:44:32 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll[2009/05/04 02:10:52 | 01,953,696 | ---- | C] () -- C:\WINDOWS\System32\igklg400.dll[2009/05/04 02:10:52 | 01,533,360 | ---- | C] () -- C:\WINDOWS\System32\igklg450.dll[2009/05/04 02:10:51 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v1409.dll[2008/09/15 21:57:37 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini[2008/09/15 21:47:47 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll[2008/09/15 21:47:44 | 00,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll[2008/09/15 21:25:18 | 01,174,000 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll[2008/09/15 21:25:18 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4864.dll[2008/09/15 21:25:18 | 00,104,636 | ---- | C] () -- C:\WINDOWS\System32\igmedcompkrn.dll[2008/09/15 21:25:14 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll[2008/09/15 21:23:45 | 00,001,120 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI[2004/08/10 13:12:05 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini[2004/08/10 13:01:18 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini[2004/08/10 12:51:28 | 00,000,684 | ---- | C] () -- C:\WINDOWS\win.ini[2004/08/10 12:51:26 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini ========== Files - Modified Within 30 Days ========== [1 C:\WINDOWS\System32\*.tmp files][2 C:\WINDOWS\*.tmp files][1 C:\Documents and Settings\Garrett A\Desktop\*.tmp files][2009/08/26 21:13:33 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Garrett A\Desktop\OTL.exe[2009/08/26 21:00:00 | 00,000,252 | -H-- | M] () -- C:\WINDOWS\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job[2009/08/26 20:44:34 | 00,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-963421874-3853088723-1298767592-1006UA.job[2009/08/26 17:25:11 | 00,445,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat[2009/08/26 17:25:10 | 00,528,020 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI[2009/08/26 17:25:10 | 00,072,978 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat[2009/08/26 17:20:07 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT[2009/08/26 17:19:54 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2009/08/26 17:19:47 | 21,370,38848 | -HS- | M] () -- C:\hiberfil.sys[2009/08/26 17:18:53 | 06,291,456 | -H-- | M] () -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\IconCache.db[2009/08/26 15:09:44 | 00,000,120 | ---- | M] () -- C:\WINDOWS\Wsiwahigafeku.dat[2009/08/26 15:03:21 | 00,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat[2009/08/26 15:00:06 | 40,172,891 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm[2009/08/26 15:00:06 | 00,068,616 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg[2009/08/26 02:55:20 | 00,020,992 | ---- | M] () -- C:\WINDOWS\System32\winhelper.dll[2009/08/25 23:44:06 | 00,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-963421874-3853088723-1298767592-1006Core.job[2009/08/25 17:41:46 | 00,000,684 | ---- | M] () -- C:\WINDOWS\win.ini[2009/08/25 15:28:44 | 00,008,192 | ---- | M] () -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2009/08/25 15:27:21 | 00,390,144 | ---- | M] () -- C:\WINDOWS\System32\desot.exe[2009/08/25 15:27:21 | 00,000,064 | ---- | M] () -- C:\WINDOWS\ppp4.dat[2009/08/25 15:27:21 | 00,000,001 | ---- | M] () -- C:\WINDOWS\ppp3.dat[2009/08/25 15:27:03 | 00,492,032 | ---- | M] (ASC - AntiSpyware) -- C:\WINDOWS\System32\dddesot.dll[2009/08/25 15:12:18 | 00,001,382 | ---- | M] () -- C:\WINDOWS\System32\onhelp.htm[2009/08/25 10:35:22 | 00,000,009 | ---- | M] () -- C:\WINDOWS\System32\bennuar.old[2009/08/25 10:29:26 | 00,040,448 | ---- | M] (EuroGroup) -- C:\WINDOWS\System32\systran.dll[2009/08/25 10:29:26 | 00,003,460 | ---- | M] () -- C:\WINDOWS\System32\kjnd[2009/08/24 17:34:12 | 00,000,004 | ---- | M] () -- C:\WINDOWS\System32\bincd32.dat[2009/08/23 23:07:25 | 00,000,036 | ---- | M] () -- C:\WINDOWS\System32\sysnet.dat[2009/08/23 23:07:18 | 00,163,840 | ---- | M] () -- C:\WINDOWS\svchast.exe[2009/08/23 23:07:18 | 00,000,091 | ---- | M] () -- C:\WINDOWS\System32\sonhelp.htm[2009/08/23 20:15:52 | 00,012,904 | ---- | M] () -- C:\Documents and Settings\Garrett A\Desktop\Author Research.docx[2009/08/23 19:55:31 | 00,014,174 | ---- | M] () -- C:\Documents and Settings\Garrett A\Desktop\Brent Staples.docx[2009/08/23 19:39:26 | 00,010,363 | ---- | M] () -- C:\Documents and Settings\Garrett A\Desktop\quotes.docx[2009/08/20 18:41:07 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\Garrett A\Desktop\~$ent Staples.docx[2009/08/17 04:38:00 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll[2009/08/17 04:37:58 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys[2009/08/17 04:37:57 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys[2009/08/13 16:12:51 | 00,116,232 | ---- | M] () -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\GDIPFONTCACHEV1.DAT[2009/08/13 03:04:35 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK[2009/08/12 03:15:06 | 02,232,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2009/08/11 17:47:36 | 00,017,839 | ---- | M] () -- C:\Documents and Settings\Garrett A\Desktop\quotesss.docx[2009/08/11 17:33:08 | 00,059,623 | ---- | M] () -- C:\Documents and Settings\Garrett A\Desktop\English shiiit.docx[2009/08/05 04:01:48 | 00,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll[2009/08/05 04:01:48 | 00,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll[2009/07/31 11:10:21 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2009/07/29 19:49:14 | 24,281,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe ========== Alternate Data Streams ========== @Alternate Data Stream - 178 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:54D4173A< End of report >OTL logfile created on: 8/26/2009 9:19:17 PM - Run 1OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Garrett A\DesktopWindows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.99 Gb Total Physical Memory | 1.17 Gb Available Physical Memory | 58.64% Memory free3.84 Gb Paging File | 3.14 Gb Available in Paging File | 81.91% Paging File freePaging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 105.92 Gb Total Space | 69.30 Gb Free Space | 65.43% Space Free | Partition Type: NTFSD: Drive not present or media not loadedE: Drive not present or media not loadedF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loaded Computer Name: GARRETTCurrent User Name: Garrett ALogged in as Administrator. Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard ========== Processes (SafeList) ========== PRC - [2007/12/11 13:22:36 | 00,024,064 | ---- | M] () -- C:\WINDOWS\System32\WLTRYSVC.EXEPRC - [2007/12/11 13:22:12 | 01,921,024 | ---- | M] (Dell Inc.) -- C:\WINDOWS\System32\bcmwltry.exePRC - [2009/08/23 23:07:18 | 00,163,840 | ---- | M] () -- C:\WINDOWS\svchast.exePRC - [2009/08/17 04:33:44 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exePRC - [2009/05/21 11:34:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exePRC - [2008/03/19 14:26:38 | 00,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\System32\STacSV.exePRC - [2009/08/17 04:38:00 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exePRC - [2009/08/17 04:35:19 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exePRC - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exePRC - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exePRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.exePRC - [2009/04/10 08:35:48 | 00,615,936 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exePRC - [2008/03/19 14:30:08 | 00,167,936 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exePRC - [2007/12/11 13:22:36 | 02,183,168 | ---- | M] (Dell Inc.) -- C:\WINDOWS\System32\WLTRAY.exePRC - [2008/03/19 14:26:42 | 00,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exePRC - [2007/10/29 16:33:08 | 00,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exePRC - [2008/11/20 14:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exePRC - [2009/08/17 04:34:31 | 02,007,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exePRC - [2007/08/24 08:00:48 | 00,033,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exePRC - [2008/03/19 14:30:06 | 00,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exePRC - [2009/05/21 11:34:07 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exePRC - [2008/03/19 14:34:56 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32

___ · « **Reply #4 on:** August 26, 2009, 09:20:44 PM »

Extras.Txt

OTL Extras logfile created on: 8/26/2009 9:19:17 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Garrett A\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.17 Gb Available Physical Memory | 58.64% Memory free
3.84 Gb Paging File | 3.14 Gb Available in Paging File | 81.91% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 105.92 Gb Total Space | 69.30 Gb Free Space | 65.43% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GARRETT
Current User Name: Garrett A
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=\"#E56717\"]========== Extra Registry (SafeList) ==========[/color]

[color=\"#E56717\"]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

[color=\"#E56717\"]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"43594:TCP" = 43594:TCP:*:Enabled:PrivateServer

[color=\"#E56717\"]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)
"C:\Program Files\Dell\MediaDirect\PCMService.exe" = C:\Program Files\Dell\MediaDirect\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program -- (CyberLink Corp.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- File not found
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus -- (Vuze Inc.)
"C:\Program Files\Counter-Strike 1.6\hl.exe" = C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"C:\Program Files\Counter-Strike 1.6\hlds.exe" = C:\Program Files\Counter-Strike 1.6\hlds.exe:*:Enabled:HLDS Launcher -- File not found
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\Java\jdk1.6.0_11\bin\java.exe" = C:\Program Files\Java\jdk1.6.0_11\bin\java.exe:*:Enabled:Java(tm) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe" = C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Documents and Settings\Garrett A\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Documents and Settings\Garrett A\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Disabled:Main program for Octoshape client -- File not found

[color=\"#E56717\"]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(tm) 6 Update 14
"{294EAADF-E50F-4DD8-AD8D-19587EA10512}" = Modem Diagnostic Tool
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(tm) 6 Update 7
"{32A3A4F4-B792-11D6-A78A-00B0D0160110}" = Java(tm) SE Development Kit 6 Update 11
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4DC6EB24-629D-41D7-AB3E-E81872A8F9CC}" = TortoiseSVN 1.6.1.16129 (32 bit)
"{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{13A4F50D-71DA-4E5A-8B7A-BBA465865BC0}" =
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A06EEE99-5730-4127-ADF8-8BD072399D06}" =
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{A06EEE99-5730-4127-ADF8-8BD072399D06}" =
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{A06EEE99-5730-4127-ADF8-8BD072399D06}" =
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{A06EEE99-5730-4127-ADF8-8BD072399D06}" =
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{A06EEE99-5730-4127-ADF8-8BD072399D06}" =
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{A06EEE99-5730-4127-ADF8-8BD072399D06}" =
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{A06EEE99-5730-4127-ADF8-8BD072399D06}" =
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{A06EEE99-5730-4127-ADF8-8BD072399D06}" =
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{A06EEE99-5730-4127-ADF8-8BD072399D06}" =
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{A06EEE99-5730-4127-ADF8-8BD072399D06}" =
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{A06EEE99-5730-4127-ADF8-8BD072399D06}" =
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{A06EEE99-5730-4127-ADF8-8BD072399D06}" =
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{A06EEE99-5730-4127-ADF8-8BD072399D06}" =
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{A06EEE99-5730-4127-ADF8-8BD072399D06}" =
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{A06EEE99-5730-4127-ADF8-8BD072399D06}" =
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL (x86) WinSXS MSM
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{998D6972-F58E-479D-9248-8F179E55AE38}" = Java DB 10.4.1.3
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"AIM_6" = AIM 6
"AVG8Uninstall" = AVG Free 8.5
"AVS Disc Creator_is1" = AVS Disc Creator version 3.5
"AVS DVDMenu Editor_is1" = AVS DVDMenu Editor 1.2.1.20
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU DV to DVD_is1" = AVS DV to DVD 1.2
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"AVSCoverEditor_AVS4YOU_is1" = AVS Cover Editor 1.3.1.96 (AVS4YOU)
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ENTERPRISER" = Microsoft Office Enterprise 2007
"Hamachi" = Hamachi 1.0.3.0
"HDMI" = Intel® Graphics Media Accelerator Driver
"HyperCam 2" = HyperCam 2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"JCreator Pro_is1" = JCreator Pro 4.50
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.13)" = Mozilla Firefox (3.0.13)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"No-IP.com DUC" = No-IP.com DUC (remove only)
"PROPLUS" = Microsoft Office Professional Plus 2007
"TBSB09835.TBSB09835Toolbar" = Bullseye Tool Bar
"TeamViewer 4" = TeamViewer 4
"ViewpointMediaPlayer" = Viewpoint Media Player
"Vuze" = Vuze
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Win Antivirus Pro" = Windows Antivirus Pro
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall

[color=\"#E56717\"]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

[color=\"#E56717\"]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 8/24/2009 7:13:43 PM | Computer Name = GARRETT | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 8/25/2009 12:36:52 PM | Computer Name = GARRETT | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 8/25/2009 1:37:57 PM | Computer Name = GARRETT | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 8/25/2009 2:39:03 PM | Computer Name = GARRETT | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 8/25/2009 3:40:07 PM | Computer Name = GARRETT | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 8/26/2009 8:07:14 AM | Computer Name = GARRETT | Source = Application Error | ID = 1000
Description = Faulting application wlcomm.exe, version 14.0.8064.206, faulting module
unknown, version 0.0.0.0, fault address 0x76f2345a.

Error - 8/26/2009 8:10:33 AM | Computer Name = GARRETT | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3498, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/26/2009 3:58:04 PM | Computer Name = GARRETT | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 8/26/2009 4:03:11 PM | Computer Name = GARRETT | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 8/26/2009 6:20:25 PM | Computer Name = GARRETT | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

[ OSession Events ]
Error - 6/23/2009 10:54:31 PM | Computer Name = GARRETT | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 11
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/23/2009 10:54:39 PM | Computer Name = GARRETT | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 8/17/2009 4:55:02 PM | Computer Name = GARRETT | Source = WMPNetworkSvc | ID = 866312
Description = A new media server was not initialized because WMCreateDeviceRegistration()
encountered error '0xc00d2711'. The Windows Media DRM components on your computer
might be corrupted. Verify that protected files play correctly in Windows Media
Player, and then restart the WMPNetworkSvc service.

Error - 8/17/2009 9:21:57 PM | Computer Name = GARRETT | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 5.60.236.85 on
the Network Card with network address 7A79053CEC55.

Error - 8/17/2009 9:22:00 PM | Computer Name = GARRETT | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the JavaQuickStarterService service.

Error - 8/19/2009 1:50:52 PM | Computer Name = GARRETT | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 5.60.236.85 on
the Network Card with network address 7A79053CEC55.

Error - 8/23/2009 4:27:47 PM | Computer Name = GARRETT | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Dnscache service.

Error - 8/24/2009 5:34:00 PM | Computer Name = GARRETT | Source = SideBySide | ID = 16842810
Description = Syntax error in manifest or policy file "C:\WINDOWS\system32\urlmon.dll"
on line 0.

Error - 8/24/2009 5:34:00 PM | Computer Name = GARRETT | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\WINDOWS\system32\urlmon.dll.
Reference
error message: The operation completed successfully. .

Error - 8/24/2009 5:34:00 PM | Computer Name = GARRETT | Source = SideBySide | ID = 16842810
Description = Syntax error in manifest or policy file "C:\WINDOWS\system32\WININET.dll"
on line 0.

Error - 8/24/2009 5:34:00 PM | Computer Name = GARRETT | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\WINDOWS\system32\WININET.dll.
Reference
error message: The operation completed successfully. .

Error - 8/26/2009 5:09:00 PM | Computer Name = GARRETT | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Dnscache service.

< End of report >

guestolo · « **Reply #5 on:** August 26, 2009, 09:45:19 PM »

Your version of Malwarebytes AntiMalware is very outdated
Can you do the following
Access your Add and Remove programs and uninstall your copy of Malwarebytes AntiMalware

Then do the following:
download Malwarebytes' Anti-Malware from Here or Here
Save the installer to your Desktop

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to [color=\"#006400\"]Update Malwarebytes' Anti-Malware[/color] and [color=\"#006400\"]Launch Malwarebytes' Anti-Malware[/color], then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

In addition: Run OTL.exe again, post the log that opens when it's complete

___ · « **Reply #6 on:** August 28, 2009, 05:07:18 PM »

Well, my computer was running fine, for a day...
I re-ran the scan several times, and it kept finding more and more viruses each time. I read the despcriptions and they seemed like they were linked wiht Firefox, so I uninstalled it, yet I keep getting more viruses.

Here's a few more scans/OTL logs.

Thanks again.

Also forgot to say that whenever I log onto my computer, I get a popup error message saying "Unable to find logon.exe"
Not sure what exactly that means, but I didn't use to get that message until I started getting all the spam...

EDIT>>I'm posting your one MBAM log here, for easier access
Malwarebytes' Anti-Malware 1.40
Database version: 2702
Windows 5.1.2600 Service Pack 3

8/28/2009 5:03:57 PM
mbam-log-2009-08-28 (17-03-57).txt

Scan type: Quick Scan
Objects scanned: 94692
Time elapsed: 4 minute(s), 12 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 3
Files Infected: 37

Memory Processes Infected:
C:\WINDOWS\svchast.exe (Trojan.FakeAlert) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\antippro2009_100 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\antippro2009_100 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\antippro2009_100 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{76dc0b63-1533-4ba9-8be8-d59eb676fa02} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{76dc0b63-1533-4ba9-8be8-d59eb676fa02} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{76dc0b63-1533-4ba9-8be8-d59eb676fa02} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Windows antiVirus pro (Rogue.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\minix32 (Rogue.WinAntivirusPro) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CLASSES_ROOT\exefile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (C:\WINDOWS\system32\desot.exe "%1" %*) Good: ("%1" %*) -> Quarantined and deleted successfully.

Folders Infected:
C:\Program Files\Windows AntiVirus Pro (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\svchast.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\minix32.exe (Rogue.WinAntivirusPro) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dddesot.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\qbwgcpyuaw.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\winivsetup.exe (Rogue.WinAntivirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\ANTI_files.exe (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\msvcm80.dll (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\msvcp80.dll (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\msvcr80.dll (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\Windows Antivirus Pro.exe (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\dbsinit.exe (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\wispex.html (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\i1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\i2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\i3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\j1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\j2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\j3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\jj1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\jj2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\jj3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\l1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\l2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\l3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\pix.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\t1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\t2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\up1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\up2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\w1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\w11.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\w2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\w3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\w3.jpg (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\wt1.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\wt2.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.
C:\Program Files\Windows AntiVirus Pro\tmp\images\wt3.gif (Rogue.WindowsAntiVirusPro) -> Quarantined and deleted successfully.

also including OTL.txt
OTL logfile created on: 8/28/2009 5:04:01 PM - Run 2
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Garrett A\Desktop\#All#
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 66.35% Memory free
3.84 Gb Paging File | 3.31 Gb Available in Paging File | 86.19% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 105.92 Gb Total Space | 68.05 Gb Free Space | 64.24% Space Free | Partition Type: NTFS
Unable to calculate disk information.
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GARRETT
Current User Name: Garrett A
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=\"#E56717\"]========== Processes (SafeList) ==========[/color]

PRC - [2007/12/11 13:22:36 | 00,024,064 | ---- | M] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
PRC - [2007/12/11 13:22:12 | 01,921,024 | ---- | M] (Dell Inc.) -- C:\WINDOWS\System32\bcmwltry.exe
PRC - [2009/08/17 04:33:44 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/05/21 11:34:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/08/17 04:38:00 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/17 04:35:19 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2008/03/19 14:26:38 | 00,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\System32\STacSV.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe
PRC - [2009/04/10 08:35:48 | 00,615,936 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2009/08/03 13:36:10 | 01,295,632 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2008/04/13 19:12:37 | 00,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskmgr.exe
PRC - [2009/08/21 18:01:41 | 00,833,008 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/08/21 18:01:41 | 00,833,008 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/08/21 18:01:41 | 00,833,008 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/08/21 18:01:41 | 00,833,008 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/08/21 18:01:41 | 00,833,008 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/08/21 18:01:41 | 00,833,008 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/08/26 21:13:33 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Garrett A\Desktop\#All#\OTL.exe

[color=\"#E56717\"]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found -- Service key not found. -- (AntipPro2009_100 [Unknown | Stopped])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009/08/17 04:33:44 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/06/09 15:18:04 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
SRV - [2009/05/21 11:34:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2007/08/24 07:59:20 | 00,068,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2007/08/24 04:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 15:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2008/03/19 14:26:38 | 00,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\System32\STacSV.exe -- (STacSV [Auto | Running])
SRV - [2008/03/24 07:35:22 | 00,074,384 | R--- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr [On_Demand | Stopped])
SRV - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Running])
SRV - [2007/12/11 13:22:36 | 00,024,064 | ---- | M] () -- C:\WINDOWS\System32\WLTRYSVC.EXE -- (wltrysvc [Auto | Running])
SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Auto | Running])

[color=\"#E56717\"]========== Driver Services (SafeList) ==========[/color]

DRV - [2008/08/14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs [Auto | Running])
DRV - [2001/08/17 13:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Disabled | Stopped])
DRV - [2008/04/13 13:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Disabled | Stopped])
DRV - [2008/03/19 14:30:06 | 00,164,400 | ---- | M] (Alps Electric Co., Ltd.) -- C:\WINDOWS\System32\DRIVERS\Apfiltr.sys -- (ApfiltrService [On_Demand | Running])
DRV - [2005/08/12 16:50:46 | 00,016,128 | ---- | M] (Dell Inc) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV [System | Running])
DRV - [2001/08/17 13:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Disabled | Stopped])
DRV - [2001/08/17 13:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Disabled | Stopped])
DRV - [2009/08/17 04:37:57 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
DRV - [2009/08/17 04:37:58 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
DRV - [2009/05/08 08:51:51 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2007/12/11 13:22:24 | 01,123,328 | ---- | M] (Broadcom Corp.) -- C:\WINDOWS\System32\DRIVERS\bcmwl5.sys -- (BCM43XX [On_Demand | Running])
DRV - [2001/08/17 13:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Disabled | Stopped])
DRV - [2001/08/17 13:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Disabled | Stopped])
DRV - [2001/08/17 12:12:10 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Stopped])
DRV - [2008/04/17 14:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2009/05/29 06:14:53 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Stopped])
DRV - [2008/04/13 11:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2007/12/02 18:26:20 | 00,211,200 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running])
DRV - [2007/12/02 18:26:22 | 00,989,952 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2008/03/19 14:35:12 | 05,776,928 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\igxpmp32.sys -- (ialm [On_Demand | Running])
DRV - [2008/03/24 14:36:14 | 00,305,176 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2008/01/02 16:48:28 | 02,016,256 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\igdkmd32.sys -- (igfx [On_Demand | Stopped])
DRV - [2008/09/22 06:40:46 | 00,109,568 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService [On_Demand | Running])
DRV - File not found -- Service key not found. -- (iskrz [Unknown | Running])
DRV - [2007/12/02 18:26:28 | 00,012,672 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2001/08/17 13:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Disabled | Stopped])
DRV - [2009/05/09 01:14:20 | 00,014,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\NuidFltr.sys -- (NuidFltr [On_Demand | Running])
DRV - [2004/08/03 22:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Stopped])
DRV - [2004/08/04 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007/11/14 03:00:00 | 00,043,840 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2001/08/17 13:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Disabled | Stopped])
DRV - [2001/08/17 13:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Disabled | Stopped])
DRV - [2001/08/17 13:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Disabled | Stopped])
DRV - [2008/03/19 14:36:22 | 00,039,936 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])
DRV - [2008/03/19 14:36:20 | 00,042,496 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])
DRV - [2008/03/19 14:36:24 | 00,037,376 | ---- | M] (REDC) -- C:\WINDOWS\System32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/13 13:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Disabled | Stopped])
DRV - [2001/08/17 14:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Disabled | Stopped])
DRV - [2008/03/19 14:26:40 | 01,222,840 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\System32\drivers\sthda.sys -- (STHDA [On_Demand | Running])
DRV - [2001/08/17 14:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Disabled | Stopped])
DRV - [2001/08/17 14:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Disabled | Stopped])
DRV - [2001/08/17 14:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Disabled | Stopped])
DRV - [2001/08/17 14:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Disabled | Stopped])
DRV - [2001/08/17 13:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Disabled | Stopped])
DRV - [2007/12/02 18:26:20 | 00,731,136 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2008/03/19 14:47:32 | 00,265,856 | ---- | M] (Marvell) -- C:\WINDOWS\System32\DRIVERS\yk51x86.sys -- (yukonwxp [On_Demand | Running])
DRV - File not found -- Service key not found. -- (zmznd [Unknown | Running])
DRV - [2007/10/29 16:44:12 | 00,039,408 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\000.fcl -- ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} [Auto | Running])
DRV - [2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy [On_Demand | Running])

[color=\"#E56717\"]========== Standard Registry (SafeList) ==========[/color]

[color=\"#E56717\"]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home
IE - URLSearchHook: *{00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - URLSearchHook: *{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - Reg Error: Key error. File not found
IE - URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/06/25 09:18:20 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/03/02 18:30:52 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2009/06/25 09:17:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/12 03:05:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{C31C0925-9639-42FC-B0F4-D6D40C4DA7B0}: C:\Documents and Settings\Garrett A\Local Settings\Application Data\{C31C0925-9639-42FC-B0F4-D6D40C4DA7B0}\ [2009/08/26 15:07:05 | 00,000,000 | ---D | M]

[2009/08/27 22:51:11 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2008/12/25 11:19:10 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/03/02 18:31:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/04/14 17:06:26 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/06/11 07:05:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/05/21 11:33:58 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2006/10/26 21:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2008/12/25 10:44:24 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2008/12/25 10:44:24 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2008/12/25 10:44:24 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2008/12/25 10:44:24 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2008/12/25 10:44:24 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2008/12/25 10:44:24 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2008/12/25 10:44:24 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2007/04/16 12:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2009/06/25 22:29:11 | 00,001,489 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml
[2009/08/15 01:06:39 | 00,002,381 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zwangi121.xml

O1 HOSTS File: (610662 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
O1 - Hosts: 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
O1 - Hosts: 127.0.0.1 phpadsnew.abac.com
O1 - Hosts: 127.0.0.1 a.abnad.net
O1 - Hosts: 127.0.0.1 b.abnad.net
O1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
O1 - Hosts: 127.0.0.1 d.abnad.net
O1 - Hosts: 127.0.0.1 e.abnad.net
O1 - Hosts: 127.0.0.1 t.abnad.net
O1 - Hosts: 127.0.0.1 z.abnad.net
O1 - Hosts: 127.0.0.1 banners.absolpublisher.com
O1 - Hosts: 127.0.0.1 tracking.absolstats.com
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 gtb5.acecounter.com
O1 - Hosts: 127.0.0.1 gtb19.acecounter.com
O1 - Hosts: 16307 more lines...
O2 - BHO: (no name) - {BF56A325-23F2-42AD-F4E4-00AAC39CAA53} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\System32\WLTRAY.exe (Dell Inc.)
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Garrett A\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
O4 - Startup: C:\Documents and Settings\Garrett A\Start Menu\Programs\Startup\Dragon NaturallySpeaking.lnk = C:\Program Files\Nuance\NaturallySpeaking9\Program\natspeak.exe (Nuance Communications, Inc.)
O4 - Startup: C:\Documents and Settings\Garrett A\Start Menu\Programs\Startup\jusched.jar ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} http://appdirectory.messenger.msn.com/AppD...ap/PhtPkMSN.cab (PhotoPickConvert Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/octet-stream - File not found
O18 - Protocol\Filter: - application/x-complus - File not found
O18 - Protocol\Filter: - application/x-msdownload - File not found
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not found
O20 - HKLM Winlogon: UIHost - (logonui.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - File not found
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - File not found
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - File not found
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - File not found
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (schannel.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a7283796-485e-11de-bfdc-001fe11b9ffe}\Shell - "" = Autorun
O33 - MountPoints2\{a7283796-485e-11de-bfdc-001fe11b9ffe}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a7283796-485e-11de-bfdc-001fe11b9ffe}\Shell\open\command - "" = E:\unlock.exe -- File not found
O33 - MountPoints2\{dd98b566-084e-11de-bfb7-001fe11b9ffe}\Shell\AutoRun\command - "" = E:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

[color=\"#E56717\"]========== Files/Folders - Created Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/08/28 15:45:00 | 00,000,000 | ---D | C] -- C:\Avenger
[2009/08/27 22:53:46 | 00,010,191 | ---- | C] () -- C:\Documents and Settings\Garrett A\My Documents\wc.docx
[2009/08/27 21:33:27 | 00,011,180 | ---- | C] () -- C:\Documents and Settings\Garrett A\My Documents\1.docx
[2009/08/27 21:33:00 | 00,009,857 | ---- | C] () -- C:\Documents and Settings\Garrett A\My Documents\6.docx
[2009/08/27 21:32:52 | 00,011,312 | ---- | C] () -- C:\Documents and Settings\Garrett A\My Documents\5.docx
[2009/08/27 21:32:44 | 00,010,480 | ---- | C] () -- C:\Documents and Settings\Garrett A\My Documents\4.docx
[2009/08/27 21:32:30 | 00,011,163 | ---- | C] () -- C:\Documents and Settings\Garrett A\My Documents\3.docx
[2009/08/27 21:32:19 | 00,012,581 | ---- | C] () -- C:\Documents and Settings\Garrett A\My Documents\2.docx
[2009/08/27 19:01:09 | 00,002,194 | ---- | C] () -- C:\Documents and Settings\Garrett A\Application Data\SAS7_000.DAT
[2009/08/27 18:45:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Garrett A\Application Data\Nuance
[2009/08/27 18:45:23 | 00,000,945 | ---- | C] () -- C:\Documents and Settings\Garrett A\Start Menu\Programs\Startup\Dragon NaturallySpeaking.lnk
[2009/08/27 18:37:13 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ScanSoft Shared
[2009/08/27 18:37:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009/08/27 18:37:08 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Nuance
[2009/08/27 18:36:39 | 00,000,000 | ---D | C] -- C:\Program Files\Nuance
[2009/08/27 18:36:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2009/08/27 18:36:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\speech
[2009/08/26 22:12:06 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/08/26 22:12:05 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/08/26 22:12:05 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/26 15:09:44 | 00,000,120 | ---- | C] () -- C:\WINDOWS\Wsiwahigafeku.dat
[2009/08/26 15:07:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\{C31C0925-9639-42FC-B0F4-D6D40C4DA7B0}
[2009/08/25 10:29:26 | 00,003,460 | ---- | C] () -- C:\WINDOWS\System32\kjnd
[2009/08/24 02:05:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\images
[2009/08/23 23:00:53 | 00,000,000 | ---D | C] -- C:\spoolerlogs
[2009/08/19 12:55:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\Cooliris
[2009/08/17 15:56:03 | 06,291,456 | -H-- | C] () -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\IconCache.db
[2009/08/16 03:00:14 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2009/08/15 01:28:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\Powercinema
[2009/08/15 01:25:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MediaDirect
[2009/08/15 01:23:51 | 00,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2009/08/15 01:09:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2009/08/15 01:04:28 | 00,516,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CapiCom.dll
[2009/08/15 01:03:00 | 00,000,000 | ---D | C] -- C:\Program Files\Conduit
[2009/08/15 01:03:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\Conduit
[2009/08/15 01:02:56 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\~0
[2009/08/12 09:13:45 | 01,089,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/08/12 09:13:25 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx
[2009/08/12 09:13:03 | 01,315,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll
[2009/08/12 03:04:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/08/12 03:04:42 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/08/12 03:04:25 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/08/12 03:04:25 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/08/12 03:04:25 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/08/12 03:04:25 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009/08/12 03:04:25 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/08/12 03:04:25 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/08/12 03:04:25 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/08/12 03:04:25 | 00,000,000 | ---D | C] -- C:\0d06993c3bb510436d8701b46494
[2009/08/05 04:01:48 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2009/07/22 02:44:32 | 00,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/07/22 02:44:32 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/05/04 02:10:52 | 01,953,696 | ---- | C] () -- C:\WINDOWS\System32\igklg400.dll
[2009/05/04 02:10:52 | 01,533,360 | ---- | C] () -- C:\WINDOWS\System32\igklg450.dll
[2009/05/04 02:10:51 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v1409.dll
[2008/09/15 21:57:37 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/09/15 21:47:47 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2008/09/15 21:47:44 | 00,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008/09/15 21:25:18 | 01,174,000 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2008/09/15 21:25:18 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4864.dll
[2008/09/15 21:25:18 | 00,104,636 | ---- | C] () -- C:\WINDOWS\System32\igmedcompkrn.dll
[2008/09/15 21:25:14 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2008/09/15 21:23:45 | 00,001,120 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/10 13:12:05 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 13:01:18 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 12:51:28 | 00,000,684 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/10 12:51:26 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini

[color=\"#E56717\"]========== Files - Modified Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/08/28 16:44:01 | 00,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-963421874-3853088723-1298767592-1006UA.job
[2009/08/28 15:49:14 | 00,528,020 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/08/28 15:49:14 | 00,445,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/08/28 15:49:14 | 00,072,978 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/08/28 15:45:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/08/28 15:45:00 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/08/28 15:44:57 | 21,370,38848 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/28 08:43:42 | 40,225,915 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/08/27 23:44:00 | 00,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-963421874-3853088723-1298767592-1006Core.job
[2009/08/27 22:56:41 | 00,010,480 | ---- | M] () -- C:\Documents and Settings\Garrett A\My Documents\4.docx
[2009/08/27 22:53:46 | 00,010,191 | ---- | M] () -- C:\Documents and Settings\Garrett A\My Documents\wc.docx
[2009/08/27 22:44:29 | 00,011,312 | ---- | M] () -- C:\Documents and Settings\Garrett A\My Documents\5.docx
[2009/08/27 22:34:24 | 00,011,163 | ---- | M] () -- C:\Documents and Settings\Garrett A\My Documents\3.docx
[2009/08/27 22:24:26 | 00,011,180 | ---- | M] () -- C:\Documents and Settings\Garrett A\My Documents\1.docx
[2009/08/27 22:08:20 | 00,012,581 | ---- | M] () -- C:\Documents and Settings\Garrett A\My Documents\2.docx
[2009/08/27 21:33:00 | 00,009,857 | ---- | M] () -- C:\Documents and Settings\Garrett A\My Documents\6.docx
[2009/08/27 19:01:09 | 00,002,194 | ---- | M] () -- C:\Documents and Settings\Garrett A\Application Data\SAS7_000.DAT
[2009/08/27 18:45:23 | 00,000,945 | ---- | M] () -- C:\Documents and Settings\Garrett A\Start Menu\Programs\Startup\Dragon NaturallySpeaking.lnk
[2009/08/27 17:17:30 | 00,073,369 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/08/27 15:11:52 | 00,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/08/26 17:18:53 | 06,291,456 | -H-- | M] () -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\IconCache.db
[2009/08/26 15:09:44 | 00,000,120 | ---- | M] () -- C:\WINDOWS\Wsiwahigafeku.dat
[2009/08/25 17:41:46 | 00,000,684 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/08/25 15:28:44 | 00,008,192 | ---- | M] () -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/25 10:29:26 | 00,003,460 | ---- | M] () -- C:\WINDOWS\System32\kjnd
[2009/08/17 04:38:00 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/08/17 04:37:58 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/08/17 04:37:57 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/08/13 16:12:51 | 00,116,232 | ---- | M] () -- C:\Documents and Settings\Garrett A\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/08/13 03:04:35 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/08/12 03:15:06 | 02,232,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/08/05 04:01:48 | 00,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2009/08/05 04:01:48 | 00,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/08/03 13:36:06 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/31 11:10:21 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/07/29 19:49:14 | 24,281,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

[color=\"#E56717\"]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 178 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:54D4173A
< End of report >

guestolo · « **Reply #7 on:** August 29, 2009, 09:53:40 AM »

Okay, one more time with Malwarebytes please
Open it, ensure you first Check for Updates, your database is still a bit out of date
Run the quick scan and post the results

Post the results right into the reply box

___ · « **Reply #8 on:** August 29, 2009, 06:55:07 PM »

I think the problem was within Firefox, once I uninstalled it, I no longer received spam
I just tried to re-install, and every Google search to me to a 'Fake Computer Scanner' not sure why Mozzila was going out on me, looks like I'll just stick with IE or Google Chrome... Running a scan again with MB will post back in a few minutes...

Thanks again.

Only 2 viruses ::

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bf56a325-23f2-42ad-f4e4-00aac39caa53} (Trojan.Ertfor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf56a325-23f2-42ad-f4e4-00aac39caa53} (Trojan.Ertfor) -> Quarantined and deleted successfully.

All was removed

guestolo · « **Reply #9 on:** August 29, 2009, 07:11:14 PM »

Can you do the following
Take note: When you post a log back here, please include the Whole log, don't cut off anything

Download ComboFix from one of these locations:

[color=\"#0000FF\"]Link 1[/color]
[color=\"#0000FF\"]Link 2[/color]
[color=\"#FF0000\"]Save it ONLY to your Desktop[/color]

--------------------------------------------------------------------
[color=\"#2E8B57\"]Temporarily Disable your AntiVirus/AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with this tool
[/color]

Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

[color=\"#2e8b57\"]**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
[/color]

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply

NOTE: Do not mouseclick inside ComboFix window as it's running, it may cause it to stall
ComboFix will/may run again on startup, it will prompt that it's creating a log
This process could take up to 10 minutes, let it run uninterrupted please

TheTechGuide Forum

News:

Author Topic: Computer Completely infected. (Read 1434 times)

___

Computer Completely infected.

guestolo

Computer Completely infected.

___

Computer Completely infected.

___

Computer Completely infected.

___

Computer Completely infected.

guestolo

Computer Completely infected.

___

Computer Completely infected.

guestolo

Computer Completely infected.

___

Computer Completely infected.

guestolo

Computer Completely infected.