Author Topic: BITS does not work Error 2 file not found  (Read 921 times)

Offline dlaw86

« on: October 15, 2010, 01:27:17 PM »
I am having major problems getting Windows Update to work and I have not installed any new updates since September last year. I know for a fact that the Background Intelligent Transfer Service is the problem, and every time I try to start this it comes up with error:
 
Windows could not start the Background Intelligent Transfer Service service on Local Computer.
Error 2: The system cannot find the file specified
 
I have tried most of the other procedures that I could find through searching and also all the points outlined in this post: BITS will not start, gives "File Not Found" error.
 
I have tried installing a new version of BITS but this has also not worked. I have enclosed the Windows Update error log:
 
2010-10-15 09:50:41:409 1284 230 DnldMgr FATAL: BITS service was not fixed up and thus CCI was not reattempted. (hr = 80080005)
2010-10-15 09:50:41:409 1284 230 DnldMgr FATAL: Failed to connect to the BITS service; unable to start new downloads or interact with existing download jobs. (hr = 80080005)
2010-10-15 09:50:41:409 1284 230 DnldMgr FATAL: DM:CAgentDownloadManager::DownloadUpdate: pDownloadJob->Init failed with 0x80246008.
2010-10-15 09:50:41:409 1284 230 DnldMgr WARNING: Got error (hr = 80246008) starting update 0 in call 19. Notifying call.
2010-10-15 09:50:41:409 1284 230 DnldMgr Error 0x80246008 occurred while downloading update; notifying dependent calls.
2010-10-15 09:50:43:452 1284 230 DnldMgr WARNING: Extended error for reported error 80246008 = 80080005
2010-10-15 09:50:43:452 1284 230 DnldMgr WARNING: Extended error for reported error 80246008 = 80080005
 
Any help would be greatly appreciated.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:24:57, on 15/10/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\mobsync.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Orange Toolbar - {E97B5F2E-CA8E-4D34-BDA3-44EEC4ED2B12} - C:\Program Files\Orange Toolbar UK\ToolbarContainer192.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe" /m
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [SBAMTray] "C:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe"
O4 - HKLM\..\Run: [SBRegRebootCleaner] C:\Program Files\Sunbelt Software\CounterSpy\SBRC.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: Audible Download Manager.lnk = C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O15 - Trusted Zone: http://list1.111222.cn
O15 - Trusted Zone: http://kan.pps.tv
O15 - Trusted Zone: http://list1.pps.tv
O15 - Trusted Zone: http://tvguide.pps.tv
O15 - Trusted Zone: http://vodguide.pps.tv
O15 - Trusted Zone: http://list1.ppstream.com
O15 - Trusted Zone: http://notice.ppstream.com
O15 - Trusted Zone: http://xml1.ppstream.com
O15 - Trusted Zone: http://xml2.ppstream.com
O15 - Trusted Zone: http://xml3.ppstream.com
O15 - Trusted Zone: http://list1.ppstream.net
O15 - Trusted Zone: http://list1.ppstv.com
O15 - Trusted Zone: http://list1.ppstv.net
O15 - ESC Trusted Zone: http://list1.111222.cn
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O15 - ESC Trusted Zone: http://kan.pps.tv
O15 - ESC Trusted Zone: http://list1.pps.tv
O15 - ESC Trusted Zone: http://tvguide.pps.tv
O15 - ESC Trusted Zone: http://vodguide.pps.tv
O15 - ESC Trusted Zone: http://list1.ppstream.com
O15 - ESC Trusted Zone: http://notice.ppstream.com
O15 - ESC Trusted Zone: http://xml1.ppstream.com
O15 - ESC Trusted Zone: http://xml2.ppstream.com
O15 - ESC Trusted Zone: http://xml3.ppstream.com
O15 - ESC Trusted Zone: http://list1.ppstream.net
O15 - ESC Trusted Zone: http://list1.ppstv.com
O15 - ESC Trusted Zone: http://list1.ppstv.net
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zon...kr.cab56986.cab
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onec...s/wlscctrl2.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zon...1/GAME_UNO1.cab
O16 - DPF: {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} - http://t.live.cctv.c...dateInstall.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Email Removed Photo Upload Tool) - http://gfx2.Email Removed.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUplden-us.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\Dell Games\Dell Game Console\GameConsoleService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate1ca1a74e50fc337) (gupdate1ca1a74e50fc337) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: CounterSpy Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe
O23 - Service: SB Recovery Service (SBPIMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBPIMSvc.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

--
End of file - 13640 bytes

Offline guestolo

« Reply #1 on: October 15, 2010, 01:36:45 PM »
Can I get a closer look please
Download OTL.exe by OldTimer to your Desktop.

Close all windows and right click on OTL.exe and choose to "Run as Administrator"
Click Run Scan and let the program run uninterrupted.
It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline dlaw86

« Reply #2 on: October 15, 2010, 01:56:07 PM »
Quote from: guestolo on 15 October 2010 - 06:36 PM
> Can I get a closer look please
> Download OTL.exe by OldTimer to your Desktop.
>
> Close all windows and right click on OTL.exe and choose to "Run as Administrator"
> Click Run Scan and let the program run uninterrupted.
> It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.

OTL logfile created on: 15/10/2010 19:41:22 - Run 1
OTL by OldTimer - Version 3.2.15.2    Folder = C:\Users\Li\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 47.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 218.20 Gb Total Space | 35.47 Gb Free Space | 16.26% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 8.29 Gb Free Space | 56.60% Space Free | Partition Type: NTFS
 OTL:
Computer Name: LI-LAPTOP | User Name: Li | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010/10/15 19:40:21 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Li\Downloads\OTL.exe
PRC - [2010/09/15 05:29:10 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2010/09/10 01:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/09/10 01:44:22 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/09/09 04:46:42 | 000,652,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/09/07 03:50:58 | 001,065,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2010/09/07 03:50:22 | 001,047,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2010/09/07 03:50:14 | 000,647,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/09/03 10:35:52 | 000,725,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/09/03 10:35:50 | 006,104,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/08/20 20:45:26 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/08/20 09:38:44 | 001,348,944 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe
PRC - [2010/08/20 09:16:34 | 002,763,080 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe
PRC - [2010/08/20 09:15:54 | 000,181,584 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\CounterSpy\SBPIMSvc.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/06/09 12:49:50 | 002,960,032 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2010/04/05 16:46:08 | 000,288,040 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2010/03/23 13:22:26 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2010/02/26 02:03:00 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2010/02/26 02:03:00 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\stacsv.exe
PRC - [2010/02/17 15:34:40 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2009/11/13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/11/12 14:27:06 | 002,923,192 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2009/06/03 14:46:38 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009/03/03 02:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\AEstSrv.exe
PRC - [2009/01/31 22:43:30 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/10/04 19:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/09/24 04:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/05/07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/05/07 17:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010/10/15 19:40:21 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Li\Downloads\OTL.exe
MOD - [2009/04/11 07:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/21 03:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010/09/10 01:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/09/03 10:35:50 | 006,104,144 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/08/20 09:16:34 | 002,763,080 | ---- | M] (Sunbelt Software) [Auto | Running] -- C:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe -- (SBAMSvc)
SRV - [2010/08/20 09:15:54 | 000,181,584 | ---- | M] (Sunbelt Software) [Auto | Running] -- C:\Program Files\Sunbelt Software\CounterSpy\SBPIMSvc.exe -- (SBPIMSvc)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/08/04 23:39:32 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/26 02:03:00 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\stacsv.exe -- (STacSV)
SRV - [2010/02/08 21:32:52 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/10/31 13:52:01 | 000,320,760 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/03/17 23:40:35 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/03/03 02:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\AEstSrv.exe -- (AESTFilters)
SRV - [2008/10/04 19:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2008/09/24 04:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/05/07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/12/14 03:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 03:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 02:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2005/11/14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2010/10/12 21:36:39 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/09/13 16:27:40 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:49:00 | 000,298,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:54 | 000,249,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 21:42:38 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 21:42:38 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/08/19 21:42:36 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/06/14 14:54:30 | 000,069,976 | ---- | M] (Sunbelt Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\sbapifs.sys -- (sbapifs)
DRV - [2010/05/13 23:05:40 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2010/05/13 23:05:40 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2010/05/13 07:56:22 | 000,098,392 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\Windows\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2010/04/19 15:11:26 | 000,033,384 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rsvcdwdr.sys -- (rsvcdwdr)
DRV - [2010/04/19 15:11:24 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2010/04/15 13:36:40 | 000,252,536 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010/02/26 02:03:00 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/02/23 16:20:12 | 000,062,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2009/01/16 10:53:32 | 004,568,064 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/12/17 09:56:50 | 001,331,192 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2008/11/17 07:29:08 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/11/11 15:05:18 | 000,003,768 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SndTVideo.sys -- (SndTVideo)
DRV - [2008/11/11 15:05:16 | 000,023,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SndTAudio.sys -- (SndTAudio)
DRV - [2008/09/01 11:19:40 | 000,304,128 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2008/09/01 11:15:54 | 000,317,976 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2008/01/23 22:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tapvpn.sys -- (tapvpn)
DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/2
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wz123.com/?wanmei
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.ask.com?o=15438&l=dis
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledItems: [email protected]:3.9.1.14019
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1114
FF - prefs.js..extensions.enabledItems: [email protected]:0.11
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: {b2509cd4-17cd-45ed-8146-a82af038f493}:1.40
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=BT5&o=15435&locale=en_UK&apn_uid=BBD1ED93-83EA-4395-9FCD-2D2F5FB5A448&apn_ptnrs=GG&apn_sauid=43CCB9ED-EFB8-47BA-A6F6-F73D363E5053&apn_dtid=YYYYYYB3GB&q="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/04/01 21:00:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010/10/14 11:43:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/29 15:45:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/29 15:45:06 | 000,000,000 | ---D | M]
 
[2009/03/26 15:50:03 | 000,000,000 | ---D | M] -- C:\Users\Li\AppData\Roaming\Mozilla\Extensions
[2010/10/14 15:28:25 | 000,000,000 | ---D | M] -- C:\Users\Li\AppData\Roaming\Mozilla\Firefox\Profiles\1nzx694r.default\extensions
[2010/08/25 22:16:47 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Li\AppData\Roaming\Mozilla\Firefox\Profiles\1nzx694r.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/14 15:28:17 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\Li\AppData\Roaming\Mozilla\Firefox\Profiles\1nzx694r.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010/08/25 22:16:46 | 000,000,000 | ---D | M] (Power Twitter) -- C:\Users\Li\AppData\Roaming\Mozilla\Firefox\Profiles\1nzx694r.default\extensions\{b2509cd4-17cd-45ed-8146-a82af038f493}
[2010/08/08 15:09:06 | 000,000,000 | ---D | M] -- C:\Users\Li\AppData\Roaming\Mozilla\Firefox\Profiles\1nzx694r.default\extensions\[email protected]
[2009/11/10 20:40:59 | 000,000,000 | ---D | M] -- C:\Users\Li\AppData\Roaming\Mozilla\Firefox\Profiles\1nzx694r.default\extensions\[email protected]
[2010/09/17 21:52:11 | 000,000,000 | ---D | M] -- C:\Users\Li\AppData\Roaming\Mozilla\Firefox\Profiles\1nzx694r.default\extensions\[email protected]
[2010/10/15 10:22:45 | 000,000,000 | ---D | M] -- C:\Users\Li\AppData\Roaming\Mozilla\Firefox\Profiles\1nzx694r.default\extensions\[email protected]
[2009/04/07 18:26:49 | 000,000,682 | ---- | M] () -- C:\Users\Li\AppData\Roaming\Mozilla\Firefox\Profiles\1nzx694r.default\searchplugins\ask.xml
[2010/10/15 10:22:39 | 000,002,570 | ---- | M] () -- C:\Users\Li\AppData\Roaming\Mozilla\Firefox\Profiles\1nzx694r.default\searchplugins\askcom.xml
[2010/06/11 10:51:29 | 000,001,827 | ---- | M] () -- C:\Users\Li\AppData\Roaming\Mozilla\Firefox\Profiles\1nzx694r.default\searchplugins\bing.xml
[2010/10/06 22:04:26 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/10 11:17:34 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/10/06 22:04:09 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2010/10/06 22:04:08 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2010/10/06 22:04:09 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]\chrome
[2010/10/06 22:04:09 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]\components
[2010/10/06 22:04:09 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]\defaults
[2009/11/12 14:27:02 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2009/09/11 19:25:06 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2009/09/11 19:25:06 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2009/09/11 19:25:06 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2009/09/11 19:25:06 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
 
O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1    localhost
O1 - Hosts: ::1    localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Orange Toolbar) - {E97B5F2E-CA8E-4D34-BDA3-44EEC4ED2B12} - C:\Program Files\Orange Toolbar UK\ToolbarContainer192.dll (Copernic Technologies Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Orange Toolbar) - {E97B5F2E-CA8E-4D34-BDA3-44EEC4ED2B12} - C:\Program Files\Orange Toolbar UK\ToolbarContainer192.dll (Copernic Technologies Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [SBAMTray] C:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe (Sunbelt Software)
O4 - HKLM..\Run: [SBRegRebootCleaner] C:\Program Files\Sunbelt Software\CounterSpy\SBRC.exe (Sunbelt Software)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Li\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: 111222.cn ([list1] http in Trusted sites)
O15 - HKCU\..Trusted Domains: pps.tv ([kan] http in Trusted sites)
O15 - HKCU\..Trusted Domains: pps.tv ([list1] http in Trusted sites)
O15 - HKCU\..Trusted Domains: pps.tv ([tvguide] http in Trusted sites)
O15 - HKCU\..Trusted Domains: pps.tv ([vodguide] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ppstream.com ([list1] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ppstream.com ([notice] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ppstream.com ([xml1] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ppstream.com ([xml2] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ppstream.com ([xml3] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ppstream.net ([list1] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ppstv.com ([list1] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ppstv.net ([list1] http in Trusted sites)
O15 - HKCU\..Trusted Domains: security_PPStream.exe ([]about in Trusted sites)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onec...s/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} http://t.live.cctv.c...dateInstall.dll (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.Email Removed.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUplden-us.cab (Windows Live Email Removed Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (\SOFTWARE\Microsoft\Windows NT\Cu) - File not found
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Humpback Whale.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Humpback Whale.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2f3b86e6-deab-11de-bcf3-0023ae240b69}\Shell - "" = AutoRun
O33 - MountPoints2\{2f3b86e6-deab-11de-bcf3-0023ae240b69}\Shell\AutoRun\command - "" = O:\Autorun.exe -- File not found
O33 - MountPoints2\{2f3b86e7-deab-11de-bcf3-0023ae240b69}\Shell - "" = AutoRun
O33 - MountPoints2\{2f3b86e7-deab-11de-bcf3-0023ae240b69}\Shell\AutoRun\command - "" = P:\autorun.exe -- File not found
O33 - MountPoints2\{a2277fe6-be1d-11de-955e-0023ae240b69}\Shell - "" = AutoRun
O33 - MountPoints2\{a2277fe6-be1d-11de-955e-0023ae240b69}\Shell\AutoRun\command - "" = D:\autorun.exe -- File not found
O33 - MountPoints2\{a227802e-be1d-11de-955e-0023ae240b69}\Shell - "" = AutoRun
O33 - MountPoints2\{a227802e-be1d-11de-955e-0023ae240b69}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/10/15 19:17:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/10/15 12:54:41 | 000,000,000 | ---D | C] -- C:\Users\Li\AppData\Roaming\AVG
[2010/10/15 11:38:06 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2010/10/15 11:30:40 | 000,000,000 | ---D | C] -- C:\Users\Li\AppData\Roaming\Sunbelt
[2010/10/15 11:30:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sunbelt
[2010/10/15 11:30:22 | 000,000,000 | ---D | C] -- C:\Program Files\Sunbelt Software
[2010/10/15 10:24:19 | 000,000,000 | ---D | C] -- C:\8212b806078424617daad2
[2010/10/15 10:22:19 | 000,000,000 | ---D | C] -- C:\933005583f2654c61388bf5e
[2010/10/15 09:52:09 | 000,000,000 | ---D | C] -- C:\037172ef4a8cb5d6ced02f48
[2010/10/14 16:05:13 | 000,000,000 | ---D | C] -- C:\5c250211bac71a1e100fc47942
[2010/10/14 15:59:02 | 000,000,000 | ---D | C] -- C:\cd55a624b5fb66d6eff42459f55c
[2010/10/14 15:50:30 | 000,000,000 | ---D | C] -- C:\8152dc79096dc4402aca
[2010/10/14 15:09:05 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2010/10/14 12:13:49 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/10/14 11:46:02 | 000,000,000 | ---D | C] -- C:\Users\Li\AppData\Roaming\AVG10
[2010/10/14 11:44:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2010/10/14 11:43:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2010/10/14 11:43:10 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2010/10/14 11:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/10/14 11:38:19 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2010/10/14 10:39:40 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2010/10/14 10:39:40 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll
[2010/10/14 10:39:37 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsprx5.dll
[2010/10/14 10:39:37 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsprx2.dll
[2010/10/14 10:39:37 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsprx6.dll
[2010/10/14 10:39:37 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsprx3.dll
[2010/10/14 10:39:37 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsprx4.dll
[2010/10/14 10:39:36 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qmgrprxy.dll
[2010/10/14 10:22:33 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/10/13 22:46:10 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/10/13 21:59:12 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010/10/13 21:59:12 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2010/10/13 21:55:32 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2010/10/13 21:55:32 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2010/10/13 21:42:09 | 000,000,000 | ---D | C] -- C:\ba8cf1429f4fac3d2f0de7
[2010/10/13 21:42:05 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2010/10/13 21:30:03 | 000,527,360 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapi32.dll
[2010/10/13 21:29:49 | 000,380,928 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestecap.dll
[2010/10/13 21:29:49 | 000,139,776 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestacap.dll
[2010/10/13 21:29:49 | 000,061,440 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestaren.dll
[2010/10/13 21:29:47 | 000,047,104 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\ctppld.dll
[2010/10/13 21:29:46 | 003,350,528 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stlang.dll
[2010/10/13 21:29:46 | 000,536,576 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtmini1.exe
[2010/10/13 21:29:45 | 012,460,124 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtcpl.cpl
[2010/10/13 21:28:34 | 000,175,616 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\st326272.dll
[2010/10/13 21:26:06 | 000,038,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2010/10/13 21:24:53 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01009.dll
[2010/10/13 21:24:52 | 000,252,536 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\System32\drivers\Apfiltr.sys
[2010/10/13 20:58:12 | 000,000,000 | ---D | C] -- C:\Users\Li\AppData\Local\Dell
[2010/10/05 23:27:15 | 000,000,000 | ---D | C] -- C:\Users\Li\AppData\Local\DBControl
[2010/09/29 15:47:27 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/09/29 15:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/09/29 15:44:40 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/09/29 15:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/09/29 13:42:07 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/09/29 13:42:07 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/09/29 13:42:07 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/09/17 11:50:25 | 000,000,000 | ---D | C] -- C:\Users\Li\AppData\Local\Orange
[2010/09/17 11:49:54 | 000,000,000 | ---D | C] -- C:\Program Files\Orange Toolbar UK
[2010/09/17 11:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\Orange
[2009/08/04 12:48:41 | 008,653,312 | ---- | C] (Dell, Inc.    ) -- C:\Users\Li\AppData\Roaming\DataSafeDotNet.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010/10/15 19:17:36 | 000,001,942 | ---- | M] () -- C:\Users\Li\Desktop\HiJackThis.lnk
[2010/10/15 19:02:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/15 19:01:06 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/15 19:01:06 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/15 18:59:01 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/10/15 18:54:32 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/15 18:54:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/15 18:54:17 | 3177,594,880 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/15 18:18:35 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010/10/15 18:18:35 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
[2010/10/15 18:12:39 | 096,906,174 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2010/10/15 12:52:06 | 000,000,956 | ---- | M] () -- C:\Users\Li\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2010/10/15 12:52:06 | 000,000,932 | ---- | M] () -- C:\Users\Li\Desktop\AVG PC Tuneup 2011.lnk
[2010/10/15 12:49:32 | 000,000,104 | ---- | M] () -- C:\Windows\System32\SBRC.dat
[2010/10/15 11:30:30 | 000,001,871 | ---- | M] () -- C:\Users\Public\Desktop\CounterSpy.lnk
[2010/10/15 10:50:12 | 000,000,102 | ---- | M] () -- C:\Users\Li\Documents\rename.bat
[2010/10/14 20:42:14 | 000,000,412 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3BBF72A4-3175-489E-8690-9A51A8D140CD}.job
[2010/10/14 11:44:22 | 000,000,792 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2010/10/14 11:04:54 | 000,000,176 | ---- | M] () -- C:\Users\Li\Desktop\BITS_fix.bat
[2010/10/14 10:49:27 | 000,000,000 | ---- | M] () -- C:\Users\Li\regsvr32
[2010/10/14 10:46:47 | 000,000,293 | ---- | M] () -- C:\Users\Li\Desktop\register.bat
[2010/10/13 22:53:24 | 000,000,672 | ---- | M] () -- C:\Users\Li\Documents\cc_20101013_225322.reg
[2010/10/13 22:53:08 | 000,002,264 | ---- | M] () -- C:\Users\Li\Documents\cc_20101013_225305.reg
[2010/10/13 22:52:47 | 000,067,164 | ---- | M] () -- C:\Users\Li\Documents\cc_20101013_225039.reg
[2010/10/13 22:46:11 | 000,000,766 | ---- | M] () -- C:\Users\Li\Desktop\CCleaner.lnk
[2010/10/13 22:38:40 | 000,001,679 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
[2010/10/13 21:26:40 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2010/10/13 21:26:33 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010/10/13 21:18:58 | 004,283,656 | ---- | M] () -- C:\Users\Li\Documents\CW1384A0.exe
[2010/10/13 21:18:42 | 005,591,800 | ---- | M] () -- C:\Users\Li\Documents\Dell_QuickSet_A07_R272666.exe
[2010/10/13 21:18:29 | 010,433,216 | ---- | M] () -- C:\Users\Li\Documents\R270497.exe
[2010/10/13 21:17:44 | 033,356,112 | ---- | M] () -- C:\Users\Li\Documents\R264250.exe
[2010/10/13 21:17:23 | 071,246,000 | ---- | M] () -- C:\Users\Li\Documents\R206848.exe
[2010/10/13 21:16:20 | 016,999,816 | ---- | M] () -- C:\Users\Li\Documents\Dell_System-Software_A05_R259999.exe
[2010/10/13 21:14:29 | 021,986,144 | ---- | M] () -- C:\Users\Li\Documents\R215593.exe
[2010/10/13 21:14:29 | 001,162,486 | ---- | M] () -- C:\Users\Li\Documents\1545_A14.EXE
[2010/10/13 21:14:05 | 010,153,608 | ---- | M] () -- C:\Users\Li\Documents\R215450.exe
[2010/10/13 21:12:16 | 024,596,096 | ---- | M] () -- C:\Users\Li\Documents\R197859.exe
[2010/10/13 21:12:05 | 021,927,944 | ---- | M] () -- C:\Users\Li\Documents\R197868.exe
[2010/10/13 21:11:03 | 000,562,988 | ---- | M] () -- C:\Users\Li\Documents\R197861.exe
[2010/10/13 21:10:53 | 002,284,048 | ---- | M] () -- C:\Users\Li\Documents\R197840.exe
[2010/10/12 21:36:39 | 000,436,792 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010/10/10 22:37:43 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
[2010/10/10 14:17:35 | 000,000,104 | ---- | M] () -- C:\Users\Li\Desktop\update.jpg
[2010/10/07 14:28:44 | 000,048,128 | ---- | M] () -- C:\Users\Li\Desktop\Candidate Screening Form Branch - Oct 2010.doc
[2010/10/06 22:04:13 | 000,001,797 | ---- | M] () -- C:\Users\Public\Desktop\Orange Broadband.lnk
[2010/10/06 22:04:13 | 000,001,693 | ---- | M] () -- C:\Users\Li\Application Data\Microsoft\Internet Explorer\Quick Launch\Orange.lnk
[2010/10/06 22:04:13 | 000,001,691 | ---- | M] () -- C:\Users\Public\Desktop\Livebox Configuration.lnk
[2010/10/06 22:04:13 | 000,001,656 | ---- | M] () -- C:\Users\Public\Desktop\Livebox Help.lnk
[2010/10/02 21:10:21 | 000,010,606 | ---- | M] () -- C:\Users\Li\Documents\Li Job Details.docx
[2010/10/02 21:09:59 | 000,010,876 | ---- | M] () -- C:\Users\Li\Documents\Li Application Questions.docx
[2010/10/01 23:28:08 | 000,604,764 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/10/01 23:28:08 | 000,108,096 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/09/30 21:50:35 | 000,010,988 | ---- | M] () -- C:\Users\Li\Desktop\James George Collie.docx
[2010/09/29 15:48:07 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/29 15:44:54 | 000,001,688 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/09/29 13:55:58 | 000,002,539 | ---- | M] () -- C:\Users\Public\Desktop\FMRTE.lnk
[2010/09/27 10:06:26 | 000,002,035 | ---- | M] () -- C:\Users\Public\Desktop\Google 地球.lnk
[2010/09/26 22:09:25 | 000,001,870 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010/10/15 19:17:36 | 000,001,942 | ---- | C] () -- C:\Users\Li\Desktop\HiJackThis.lnk
[2010/10/15 18:54:13 | 3177,594,880 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/15 18:12:39 | 096,906,174 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2010/10/15 12:52:06 | 000,000,956 | ---- | C] () -- C:\Users\Li\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2010/10/15 12:52:06 | 000,000,932 | ---- | C] () -- C:\Users\Li\Desktop\AVG PC Tuneup 2011.lnk
[2010/10/15 12:47:17 | 000,000,104 | ---- | C] () -- C:\Windows\System32\SBRC.dat
[2010/10/15 11:30:29 | 000,001,871 | ---- | C] () -- C:\Users\Public\Desktop\CounterSpy.lnk
[2010/10/15 11:21:02 | 000,000,000 | ---- | C] () -- C:\Users\Li\sfcdetails.txt
[2010/10/15 10:50:12 | 000,000,102 | ---- | C] () -- C:\Users\Li\Documents\rename.bat
[2010/10/14 11:44:22 | 000,000,792 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2010/10/14 11:04:53 | 000,000,176 | ---- | C] () -- C:\Users\Li\Desktop\BITS_fix.bat
[2010/10/14 10:49:27 | 000,000,000 | ---- | C] () -- C:\Users\Li\regsvr32
[2010/10/14 10:46:47 | 000,000,293 | ---- | C] () -- C:\Users\Li\Desktop\register.bat
[2010/10/13 22:53:23 | 000,000,672 | ---- | C] () -- C:\Users\Li\Documents\cc_20101013_225322.reg
[2010/10/13 22:53:06 | 000,002,264 | ---- | C] () -- C:\Users\Li\Documents\cc_20101013_225305.reg
[2010/10/13 22:50:43 | 000,067,164 | ---- | C] () -- C:\Users\Li\Documents\cc_20101013_225039.reg
[2010/10/13 22:46:11 | 000,000,766 | ---- | C] () -- C:\Users\Li\Desktop\CCleaner.lnk
[2010/10/13 22:38:40 | 000,001,679 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
[2010/10/13 21:26:40 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2010/10/13 21:26:33 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010/10/13 21:26:09 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010/10/13 21:17:44 | 005,591,800 | ---- | C] () -- C:\Users\Li\Documents\Dell_QuickSet_A07_R272666.exe
[2010/10/13 21:17:23 | 004,283,656 | ---- | C] () -- C:\Users\Li\Documents\CW1384A0.exe
[2010/10/13 21:16:20 | 010,433,216 | ---- | C] () -- C:\Users\Li\Documents\R270497.exe
[2010/10/13 21:14:29 | 033,356,112 | ---- | C] () -- C:\Users\Li\Documents\R264250.exe
[2010/10/13 21:14:29 | 016,999,816 | ---- | C] () -- C:\Users\Li\Documents\Dell_System-Software_A05_R259999.exe
[2010/10/13 21:14:05 | 001,162,486 | ---- | C] () -- C:\Users\Li\Documents\1545_A14.EXE
[2010/10/13 21:12:16 | 021,986,144 | ---- | C] () -- C:\Users\Li\Documents\R215593.exe
[2010/10/13 21:12:05 | 010,153,608 | ---- | C] () -- C:\Users\Li\Documents\R215450.exe
[2010/10/13 21:11:03 | 071,246,000 | ---- | C] () -- C:\Users\Li\Documents\R206848.exe
[2010/10/13 21:10:53 | 000,562,988 | ---- | C] () -- C:\Users\Li\Documents\R197861.exe
[2010/10/13 21:09:51 | 024,596,096 | ---- | C] () -- C:\Users\Li\Documents\R197859.exe
[2010/10/13 21:09:51 | 021,927,944 | ---- | C] () -- C:\Users\Li\Documents\R197868.exe
[2010/10/13 21:09:51 | 002,284,048 | ---- | C] () -- C:\Users\Li\Documents\R197840.exe
[2010/10/07 14:28:43 | 000,048,128 | ---- | C] () -- C:\Users\Li\Desktop\Candidate Screening Form Branch - Oct 2010.doc
[2010/10/05 23:27:15 | 000,000,000 | ---- | C] () -- C:\Users\Li\AppData\Local\googleupdate.log
[2010/10/02 21:10:20 | 000,010,606 | ---- | C] () -- C:\Users\Li\Documents\Li Job Details.docx
[2010/10/02 21:09:58 | 000,010,876 | ---- | C] () -- C:\Users\Li\Documents\Li Application Questions.docx
[2010/09/30 21:50:34 | 000,010,988 | ---- | C] () -- C:\Users\Li\Desktop\James George Collie.docx
[2010/09/29 15:48:07 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/29 15:44:54 | 000,001,688 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/09/27 10:06:26 | 000,002,035 | ---- | C] () -- C:\Users\Public\Desktop\Google 地球.lnk
[2010/09/26 22:09:25 | 000,001,870 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
[2010/09/17 11:49:54 | 000,001,691 | ---- | C] () -- C:\Users\Public\Desktop\Livebox Configuration.lnk
[2010/09/17 11:49:54 | 000,001,656 | ---- | C] () -- C:\Users\Public\Desktop\Livebox Help.lnk
[2010/09/17 11:49:53 | 000,583,774 | ---- | C] () -- C:\Windows\Orange_Vista.ico
[2010/09/17 11:49:53 | 000,025,214 | ---- | C] () -- C:\Windows\Orange.ico
[2010/09/17 11:49:53 | 000,015,086 | ---- | C] () -- C:\Windows\uninstall_livebox.ico
[2010/09/17 11:49:53 | 000,015,086 | ---- | C] () -- C:\Windows\livebox.ico
[2010/09/17 11:49:53 | 000,001,797 | ---- | C] () -- C:\Users\Public\Desktop\Orange Broadband.lnk
[2010/09/17 11:49:53 | 000,001,693 | ---- | C] () -- C:\Users\Li\Application Data\Microsoft\Internet Explorer\Quick Launch\Orange.lnk
[2010/09/17 11:49:23 | 000,116,736 | ---- | C] () -- C:\Windows\Uninstall_Livebox.EXE
[2010/08/01 07:42:44 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/06/10 21:08:03 | 000,000,087 | ---- | C] () -- C:\Windows\WININIT.INI
[2010/06/10 18:53:31 | 000,023,650 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/03/07 14:23:54 | 000,000,153 | ---- | C] () -- C:\Windows\System32\e06beb090c.dll
[2010/02/27 21:10:11 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010/02/27 18:18:30 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2010/02/27 18:18:24 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2010/02/05 14:55:59 | 000,000,162 | ---- | C] () -

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
BITS does not work Error 2 file not found
« Reply #3 on: October 15, 2010, 02:08:45 PM »
You may have seen this already, but have you tried the fix from the following link? BITS repair tool
If you haven't tried it, save the tool to desktop
Right click on it and "Run as Admin"
Reboot the computer afterwards, see if it's any help

http://support.microsoft.com/kb/940520

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline dlaw86

BITS does not work Error 2 file not found
« Reply #4 on: October 15, 2010, 02:16:39 PM »
I tried this and it said that Background Intelligent Transfer Service (BITS) repair is not required currently.

Offline guestolo

BITS does not work Error 2 file not found
« Reply #5 on: October 15, 2010, 02:55:26 PM »
Go to START>>In the Search field type in services.msc
Enter

In the Service config window
Right click on Background Intelligent Transfer Service
and select Properties

Is the startup type set to Manual, if not, select it
Click the Log On tab
Under Hardware Profile
Any profile should have the service enabled, if not, enable it
In addition, ensure that you "Log on As.."
"Local System Account"

Have you checked those settings yet?

Offline dlaw86
BITS does not work Error 2 file not found
« Reply #6 on: October 15, 2010, 03:06:04 PM »
All those settings are correct

Offline guestolo

BITS does not work Error 2 file not found
« Reply #7 on: October 15, 2010, 03:16:47 PM »
Try the following please, may not help, but sure wouldn't hurt

Please download TFC by Old Timer and save it to your desktop.
http://oldtimer.geekstogo.com/TFC.exe
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it.
NOTE: If you are using Vista, right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately.

Next Download Malwarebytes' Anti-Malware from Here or Here
Save the installer to desktop

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Could you also ensure that these services are started in services.msc
COM+ Event System
Remote Procedure Call (RPC)
DCOM Server Process Launcher
« Last Edit: October 15, 2010, 03:45:56 PM by guestolo »
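
The services.msc checks in this reply and in Reply #5 (startup type, log-on account, and the three services listed above) can be read in one pass from PowerShell, together with a check that the files each service loads are actually on disk. This is an added example, not part of the thread; the short service names, the ServiceDll lookup and the function name Get-ServiceFileCheck are assumptions the posts do not state.

```powershell
# Added example, not from the thread. Read-only: it changes nothing on the system.
# Assumes PowerShell 3.0 or later (for Get-CimInstance) and an elevated prompt.

# Short service names for the display names used in the thread:
#   BITS        = Background Intelligent Transfer Service
#   EventSystem = COM+ Event System
#   RpcSs       = Remote Procedure Call (RPC)
#   DcomLaunch  = DCOM Server Process Launcher
$serviceNames = 'BITS', 'EventSystem', 'RpcSs', 'DcomLaunch'

function Get-ServiceFileCheck {
    param([Parameter(Mandatory = $true)][string]$Name)

    # Same property set for every result so the table columns line up.
    $report = [ordered]@{
        Name = $Name; State = 'NOT REGISTERED'; StartMode = $null; LogOnAs = $null
        Image = $null; ImageExists = $null; ServiceDll = $null; DllExists = $null
    }

    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$Name'"
    if ($svc) {
        $report.State     = $svc.State       # Running / Stopped
        $report.StartMode = $svc.StartMode   # Auto / Manual / Disabled
        $report.LogOnAs   = $svc.StartName   # e.g. LocalSystem

        # PathName is the ImagePath command line. Take the executable, quoted or not.
        # An unquoted path containing spaces would be cut at the first space; the
        # four services above are hosted by svchost.exe under System32, so it is safe here.
        if ($svc.PathName -match '^\s*"([^"]+)"' -or $svc.PathName -match '^\s*(\S+)') {
            $report.Image       = $Matches[1]
            $report.ImageExists = Test-Path -LiteralPath $report.Image
        }

        # Services hosted in svchost.exe load their code from the ServiceDll value.
        # Get-ItemProperty expands %SystemRoot% in REG_EXPAND_SZ data for us.
        $paramKey = "HKLM:\SYSTEM\CurrentControlSet\Services\$Name\Parameters"
        $dll = (Get-ItemProperty -Path $paramKey -Name ServiceDll -ErrorAction SilentlyContinue).ServiceDll
        if ($dll) {
            $report.ServiceDll = $dll
            $report.DllExists  = Test-Path -LiteralPath $dll
        }
    }
    [pscustomobject]$report
}

$results = $serviceNames | ForEach-Object { Get-ServiceFileCheck -Name $_ }

# Overview: BITS should be Manual or Auto with LogOnAs LocalSystem; the other three Running.
$results | Format-Table Name, State, StartMode, LogOnAs, ImageExists, DllExists -AutoSize

# Any row listed here is a candidate cause of
# "Error 2: The system cannot find the file specified".
$results |
    Where-Object { $_.State -eq 'NOT REGISTERED' -or $_.ImageExists -eq $false -or $_.DllExists -eq $false } |
    Format-List Name, State, Image, ServiceDll
```

A service entry that is missing, or that points at a file that no longer exists, will not show up as a wrong setting in the services.msc property pages, which is why the file check is worth running alongside the settings check.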

Offline dlaw86
BITS does not work Error 2 file not found
« Reply #8 on: October 15, 2010, 03:53:52 PM »
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4841

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18828

15/10/2010 21:42:30
mbam-log-2010-10-15 (21-42-30).txt

Scan type: Quick scan
Objects scanned: 146872
Time elapsed: 13 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 2
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{09860117-ae68-60e5-9dbe-c2c2388a068a} (Namespace.Hijack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\FlySky (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (http://www.wz123.com/?wanmei) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.

Folders Infected:
C:\Windows\System32\senol (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Windows\System32\senol\4002 (Backdoor.Bot) -> Quarantined and deleted successfully.

Files Infected:
(No malicious items detected)

Done all the things that you suggested in the previous post and I still can't start BITS.

Offline guestolo

BITS does not work Error 2 file not found
« Reply #9 on: October 15, 2010, 03:57:08 PM »
Did you see my edit?
I'm not sure unless you let me know, just in case can you ensure of the following

Are these services running?
COM+ Event System
Remote Procedure Call (RPC)
DCOM Server Process Launcher

Offline dlaw86
BITS does not work Error 2 file not found
« Reply #10 on: October 15, 2010, 03:59:44 PM »
Yeah, sorry, meant to say that I checked and all these services are currently running.

Offline guestolo

BITS does not work Error 2 file not found
« Reply #11 on: October 15, 2010, 04:08:08 PM »
I want to try one more scanner
Download ComboFix from the following location

Link 1
Save it ONLY to your Desktop

--------------------------------------------------------------------
Temporarily Disable your AntiVirus/AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with this tool

Double click on ComboFix.exe & follow the prompts.

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply

NOTE: Do not mouseclick inside ComboFix window as it's running, it may cause it to stall
ComboFix will/may run again on startup, it will prompt that it's creating a log
This process could take up to 10 minutes, let it run uninterrupted please
« Last Edit: October 15, 2010, 04:08:29 PM by guestolo »

Offline dlaw86
BITS does not work Error 2 file not found
« Reply #12 on: October 15, 2010, 05:28:45 PM »
Thanks! This worked and BITS has now started and my Windows Update is working fine now. Thanks for all your help.

Offline guestolo

BITS does not work Error 2 file not found
« Reply #13 on: October 15, 2010, 06:54:01 PM »
What happened to the log?
Quote
Please include the C:\ComboFix.txt

Offline dlaw86
BITS does not work Error 2 file not found
« Reply #14 on: October 15, 2010, 07:10:02 PM »
[quote name='guestolo' date='15 October 2010 - 11:54 PM' timestamp='1287186841' post='472380']
What happened to the log?

ComboFix 10-10-14.04 - Li 15/10/2010 23:01:49.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3032.1860 [GMT 1:00]
Running from: c:\users\Li\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\fheydbueyj.exe
c:\fheydbueyj.exe\config.bin
c:\windows\system32\5c89e87aa3.dat
.
((((((((((((((((((((((((( Files Created from 2010-09-15 to 2010-10-15 )))))))))))))))))))))))))))))))
.
2010-10-15 22:19 . 2010-10-15 22:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-10-15 21:58 . 2010-10-15 21:59 -------- d-----w- C:\32788R22FWJFW
2010-10-15 21:44 . 2010-10-15 22:19 -------- d-----w- c:\users\Li\AppData\Local\temp
2010-10-15 20:28 . 2010-10-15 20:28 -------- d-----w- c:\users\Li\AppData\Roaming\Malwarebytes
2010-10-15 20:28 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-15 20:28 . 2010-10-15 20:28 -------- d-----w- c:\programdata\Malwarebytes
2010-10-15 20:28 . 2010-10-15 20:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-15 20:28 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-15 18:17 . 2010-10-15 18:17 388096 ----a-r- c:\users\Li\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-10-15 18:17 . 2010-10-15 18:17 -------- d-----w- c:\program files\Trend Micro
2010-10-15 11:54 . 2010-10-15 12:57 -------- d-----w- c:\users\Li\AppData\Roaming\AVG
2010-10-15 10:38 . 2010-10-15 10:38 -------- d-----w- c:\windows\CheckSur
2010-10-15 10:30 . 2010-10-15 10:30 -------- d-----w- c:\users\Li\AppData\Roaming\Sunbelt
2010-10-15 10:30 . 2010-10-15 10:30 -------- d-----w- c:\programdata\Sunbelt
2010-10-15 10:30 . 2010-10-15 10:30 -------- d-----w- c:\program files\Sunbelt Software
2010-10-15 09:24 . 2010-10-15 09:24 -------- d-----w- C:\8212b806078424617daad2
2010-10-15 09:22 . 2010-10-15 09:22 -------- d-----w- C:\933005583f2654c61388bf5e
2010-10-15 08:52 . 2010-10-15 09:26 -------- d-----w- C:\037172ef4a8cb5d6ced02f48
2010-10-14 15:05 . 2010-10-14 15:05 -------- d-----w- C:\5c250211bac71a1e100fc47942
2010-10-14 14:59 . 2010-10-14 14:59 -------- d-----w- C:\cd55a624b5fb66d6eff42459f55c
2010-10-14 14:50 . 2010-10-14 14:50 -------- d-----w- C:\8152dc79096dc4402aca
2010-10-14 14:09 . 2010-10-14 14:19 -------- d-----w- c:\programdata\DAEMON Tools Pro
2010-10-14 11:13 . 2010-10-14 11:13 -------- d-----w- C:\$AVG
2010-10-14 10:44 . 2010-10-14 10:44 -------- d--h--w- c:\programdata\Common Files
2010-10-14 10:43 . 2010-10-15 17:12 -------- d-----w- c:\windows\system32\drivers\AVG
2010-10-14 10:43 . 2010-10-14 14:05 -------- d-----w- c:\programdata\AVG10
2010-10-14 10:42 . 2010-10-15 11:52 -------- d-----w- c:\program files\AVG
2010-10-14 10:38 . 2010-10-14 10:42 -------- d-----w- c:\programdata\MFAData
2010-10-14 09:39 . 2009-10-09 21:55 39424 ----a-w- c:\windows\system32\bitsigd.dll
2010-10-14 09:39 . 2009-10-09 21:55 18432 ----a-w- c:\windows\system32\bitsperf.dll
2010-10-14 09:39 . 2009-10-09 21:55 584704 ----a-w- c:\windows\system32\qmgr.dll
2010-10-14 09:39 . 2009-10-09 21:55 17920 ----a-w- c:\windows\system32\bitsprx5.dll
2010-10-14 09:39 . 2009-10-09 21:55 10240 ----a-w- c:\windows\system32\bitsprx6.dll
2010-10-14 09:39 . 2009-10-09 21:55 9216 ----a-w- c:\windows\system32\bitsprx4.dll
2010-10-14 09:39 . 2009-10-09 21:55 10752 ----a-w- c:\windows\system32\bitsprx2.dll
2010-10-14 09:39 . 2009-10-09 21:55 10240 ----a-w- c:\windows\system32\bitsprx3.dll
2010-10-14 09:39 . 2009-10-09 21:55 20480 ----a-w- c:\windows\system32\qmgrprxy.dll
2010-10-14 09:22 . 2010-10-15 09:37 -------- d-----w- c:\program files\Windows Live Safety Center
2010-10-13 21:46 . 2010-10-13 21:46 -------- d-----w- c:\program files\CCleaner
2010-10-13 21:01 . 2009-10-05 14:20 907832 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-10-13 21:01 . 2009-10-05 11:39 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-10-13 20:59 . 2009-09-18 10:21 170496 ----a-w- c:\windows\system32\tcpipcfg.dll
2010-10-13 20:59 . 2009-09-18 10:20 22528 ----a-w- c:\windows\system32\netiougc.exe
2010-10-13 20:55 . 2009-11-06 10:51 197632 ----a-w- c:\windows\system32\drivers\usbhub.sys
2010-10-13 20:55 . 2009-11-06 10:51 73216 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-10-13 20:55 . 2009-11-06 10:51 228352 ----a-w- c:\windows\system32\drivers\usbport.sys
2010-10-13 20:55 . 2009-11-06 10:50 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys
2010-10-13 20:55 . 2009-11-06 10:50 23552 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2010-10-13 20:55 . 2009-11-06 10:50 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2010-10-13 20:42 . 2010-10-13 20:42 -------- d-----w- C:\ba8cf1429f4fac3d2f0de7
2010-10-13 20:42 . 2009-07-18 09:23 33280 ----a-w- c:\windows\system32\drivers\watchdog.sys
2010-10-13 20:30 . 2010-02-26 01:03 527360 ------w- c:\windows\system32\stapi32.dll
2010-10-13 20:29 . 2010-01-12 01:01 139776 ----a-w- c:\windows\system32\aestacap.dll
2010-10-13 20:29 . 2009-10-09 23:45 380928 ----a-w- c:\windows\system32\aestecap.dll
2010-10-13 20:29 . 2009-03-03 00:57 61440 ----a-w- c:\windows\system32\aestaren.dll
2010-10-13 20:29 . 2009-05-13 02:26 47104 ----a-w- c:\windows\system32\ctppld.dll
2010-10-13 20:29 . 2010-02-26 01:03 536576 ----a-w- c:\windows\system32\idtmini1.exe
2010-10-13 20:29 . 2010-02-26 01:03 3350528 ----a-w- c:\windows\system32\stlang.dll
2010-10-13 20:29 . 2010-02-26 01:03 12460124 ----a-w- c:\windows\system32\idtcpl.cpl
2010-10-13 20:28 . 2010-02-26 01:03 175616 ----a-w- c:\windows\system32\st326272.dll
2010-10-13 20:26 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2010-10-13 20:26 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2010-10-13 20:24 . 2009-07-14 11:27 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2010-10-13 20:24 . 2010-04-15 12:36 252536 ----a-w- c:\windows\system32\drivers\Apfiltr.sys
2010-10-13 19:58 . 2010-10-13 19:58 -------- d-----w- c:\users\Li\AppData\Local\Dell
2010-10-05 22:27 . 2010-10-05 22:27 -------- d-----w- c:\users\Li\AppData\Local\DBControl
2010-09-29 14:47 . 2010-09-29 14:47 -------- d-----w- c:\program files\iPod
2010-09-29 14:47 . 2010-09-29 14:48 -------- d-----w- c:\program files\iTunes
2010-09-29 14:43 . 2010-09-29 14:43 -------- d-----w- c:\program files\Bonjour
2010-09-29 12:42 . 2009-11-08 17:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-09-29 12:42 . 2009-11-08 17:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-09-29 12:42 . 2009-11-08 17:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-09-29 12:42 . 2009-11-08 17:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-09-29 12:42 . 2009-11-08 17:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-09-17 10:50 . 2010-09-17 10:50 -------- d-----w- c:\users\Li\AppData\Local\Orange
2010-09-17 10:49 . 2010-10-06 21:04 -------- d-----w- c:\program files\Orange Toolbar UK
2010-09-17 10:49 . 2010-09-17 10:49 -------- d-----w- c:\program files\Orange
2010-09-17 10:49 . 2007-06-21 11:05 116736 ----a-w- c:\windows\Uninstall_Livebox.EXE
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2009-11-12 2923192]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-11 39408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-04-05 288040]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-11-17 3810304]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-05-07 178712]
"Dell DataSafe Online"="c:\program files\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-06-03 206064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-08-20 1164584]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-02-26 495708]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-01-16 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-01-16 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-01-16 150552]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2010-09-15 2745696]
"SBAMTray"="c:\program files\Sunbelt Software\CounterSpy\SBAMTray.exe" [2010-08-20 1348944]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

c:\users\Li\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-24 1295656]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Audible Download Manager.lnk - c:\program files\Audible\Bin\AudibleDownloadHelper.exe [2010-4-23 1795488]

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-24 1295656]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-03-17 22:40 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk backup=
c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup backupExtension=.CommonStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-04-04 05:42 36272 ----a-w-
c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA] 2009-10-19 09:57 323392 ----a-w-
c:\users\Li\Program Files\DNA\btdna.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2010-09-24 01:10 421160 ----a-w-
c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2010-04-16 21:12 3872080 ----a-w-
c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv] 2008-05-23 19:06 128296 ------w-
c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-09-08 10:17 421888 ----a-w-
c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QvodPlayer] 2009-06-11 11:06 537992 ----a-w-
c:\program files\QvodPlayer\QvodTerminal.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] 2009-10-24 10:20 1217808 ----a-w-
c:\program files\Steam\Steam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2009-04-01 19:59 198160 ----a-w-
c:\program files\Common Files\Real\Update_OB\realsched.exe R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate1ca1a74e50fc337;Google Update Service (gupdate1ca1a74e50fc337);
c:\program files\Google\Update\GoogleUpdate.exe [2009-08-11 133104] R3 rsvcdwdr;rsvcdwdr;
c:\windows\system32\DRIVERS\rsvcdwdr.sys [2010-04-19 33384] R3 SndTAudio;SndTAudio;
c:\windows\system32\drivers\SndTAudio.sys [2008-11-11 23096] R3 SndTVideo;SndTVideo;
c:\windows\system32\DRIVERS\SndTVideo.sys [2008-11-11 3768] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;
c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R4 sptd;sptd;
c:\windows\system32\Drivers\sptd.sys [2010-10-12 436792] S0 AVGIDSEH;AVGIDSEH;
c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680] S0 Avgrkx86;AVG Anti-Rootkit Driver;
c:\windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064] S1 Avgldx86;AVG AVI Loader Driver;
c:\windows\system32\DRIVERS\avgldx86.sys [2010-09-07 249424] S1 Avgtdix;AVG TDI Driver;
c:\windows\system32\DRIVERS\avgtdix.sys [2010-09-07 298448] S1 SBRE;SBRE;
c:\windows\system32\drivers\SBREDrv.sys [2010-05-13 98392] S2 AESTFilters;Andrea ST Filters Service;
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\aestsrv.exe [2009-03-03 81920] S2 AVGIDSAgent;AVGIDSAgent;
c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-09-03 6104144] S2 avgwd;AVG WatchDog;
c:\program files\AVG\AVG10\avgwdsvc.exe [2010-09-10 265400] S2 DockLoginService;Dock Login Service;
c:\program files\Dell\DellDock\DockLogin.exe [2008-09-24 155648] S2 SBAMSvc;CounterSpy Antispyware;
c:\program files\Sunbelt Software\CounterSpy\SBAMSvc.exe [2010-08-20 2763080] S2 sbapifs;sbapifs;
c:\windows\system32\DRIVERS\sbapifs.sys [2010-06-14 69976] S2 SBPIMSvc;SB Recovery Service;
c:\program files\Sunbelt Software\CounterSpy\SBPIMSvc.exe [2010-08-20 181584] S2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32coinst,serviceStartProc
  • S3 AVGIDSDriver;AVGIDSDriver;

c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 123472] S3 AVGIDSFilter;AVGIDSFilter;
c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 30288] S3 AVGIDSShim;AVGIDSShim;
c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-19 27216] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] ComnGrp REG_MULTI_SZ ComnCena HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}] 2010-02-16 18:02 114688 ----a-w-
c:\program files\PixiePack Codec Pack\InstallerHelper.exe . Contents of the 'Scheduled Tasks' folder 2010-10-15
c:\windows\Tasks\Google Software Updater.job -
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-11 11:13] 2010-10-15
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job -
c:\program files\Google\Update\GoogleUpdate.exe [2009-08-11 11:14] 2010-10-15
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job -
c:\program files\Google\Update\GoogleUpdate.exe [2009-08-11 11:14] 2010-10-10
c:\windows\Tasks\SmartDefrag.job -
c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2010-02-27 15:30] 2010-10-15
c:\windows\Tasks\User_Feed_Synchronization-{3BBF72A4-3175-489E-8690-9A51A8D140CD}.job -
c:\windows\system32\msfeedssync.exe [2009-10-19 03:41] . . ------- Supplementary Scan ------- . uStart Page = hxxp://uk.ask.com?o=15438&l=dis mStart Page = hxxp://www.Google.com/ uInternet Settings,ProxyOverride = *.local Trusted Zone: 111222.cn\list1 Trusted Zone: pps.tv\kan Trusted Zone: pps.tv\list1 Trusted Zone: pps.tv\tvguide Trusted Zone: pps.tv\vodguide Trusted Zone: ppstream.com\list1 Trusted Zone: ppstream.com\notice Trusted Zone: ppstream.com\xml1 Trusted Zone: ppstream.com\xml2 Trusted Zone: ppstream.com\xml3 Trusted Zone: ppstream.net\list1 Trusted Zone: ppstv.com\list1 Trusted Zone: ppstv.net\list1 Trusted Zone: security_PPStream.exe DPF: {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} - hxxp://t.live.cctv.com/ieocx/CCTVUpdateInstall.dll FF - ProfilePath -
c:\users\Li\AppData\Roaming\Mozilla\Firefox\Profiles\1nzx694r.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/ FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=BT5&o=15435&locale=en_UK&apn_uid=BBD1ED93-83EA-4395-9FCD-2D2F5FB5A448&apn_ptnrs=GG&apn_sauid=43CCB9ED-EFB8-47BA-A6F6-F73D363E5053&apn_dtid=YYYYYYB3GB&q= FF - component:
c:\program files\AVG\AVG10\Firefox\components\avgssff.dll FF - component:
c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll FF - plugin:
c:\program files\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin:
c:\program files\Google\Google Earth\plugin\npgeplugin.dll FF - plugin:
c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll FF - plugin:
c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll FF - plugin:
c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin:
c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin:
c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll FF - plugin:
c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll FF - plugin:
c:\program files\Veetle\Player\npvlc.dll FF - plugin:
c:\program files\Veetle\plugins\npVeetle.dll FF - plugin:
c:\program files\Veetle\VLCBroadcast\npvbp.dll FF - plugin:
c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin:
c:\users\Li\AppData\Roaming\Mozilla\Firefox\Profiles\1nzx694r.default\extensions\[email protected]\plugins\npCCTVplayer.dll FF - plugin:
c:\users\Li\AppData\Roaming\Mozilla\Firefox\Profiles\1nzx694r.default\extensions\[email protected]\plugins\npTVUAx.dll FF - plugin:
c:\users\Li\Program Files\DNA\plugins\npbtdna.dll FF - plugin:
c:\users\Li\Program Files\DNA\plugins\npbtdna.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} -
c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: browser.chrome.favicons - false FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.turbo.enabled - true FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.urlbar.autofill - true FF - user.js: content.interrupt.parsing - true FF - user.js: content.max.tokenizing.time - 2250000 FF - user.js: content.notify.backoffcount - 5 FF - user.js: content.notify.interval - 750000 FF - user.js: content.notify.ontimer - true FF - user.js: content.switch.threshold - 750000 FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: network.http.pipelining - true FF - user.js: network.http.pipelining.firstrequest - true FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.proxy.pipelining - true FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: nglayout.initialpaint.delay - 0 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); . - - - - ORPHANS REMOVED - - - - MSConfigStartUp-EA Core -
c:\program files\Electronic Arts\EADM\Core.exe MSConfigStartUp-mcagent_exe -
c:\program files\McAfee.com\Agent\mcagent.exe . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-3487666453-464672847-2176158843-1000\Software\G*e*n*i*e*"!\FM Genie Scout 10] "GameDir"="
c:\Users\Li\Documents\Sports Interactive\Football Manager 2010\games" "ShortlistDir"="" "ScreenshotsDir"="
c:\Users\Li\Documents\Sports Interactive\Football Manager 2010" "SaveDir"="
c:\Users\Li\Documents\Sports Interactive\Football Manager 2010\" "HistoryDir"="
c:\Users\Li\Desktop\New Folder (2)\FM Genie Scout 10\History Points" "LangDB"="" "LastSaveGame"="" "Language"="English" "LoadLangDB"=dword:00000000 "CompressHistoryPoints"=dword:00000000 "HighlightedAttributes"=dword:00000000 "MinCondition"=dword:00000050 "GraphStep"=dword:00000000 "SkinName"="Steklo Black" "LastUpdateCheck"=dword:00009d10 "HighQualityGUI"=dword:00000001 "AutomaticallyUpdateCheck"=dword:00000001 "AdvancedGeneration"=dword:00000000 "TranslateStaffSkills"=dword:00000001 "TranslatePlayerSkills"=dword:00000001 "TranslatePositions"=dword:00000001 "ShowHistory"=dword:00000001 "Version"=dword:00000072 "UniqueID"="E5-8380-E7DF" "Currency"=dword:00000056 "UseProxy"=dword:00000000 "ProxyHost"="" "ProxyPort"="" "UseAuthentication"=dword:00000000 "UserName"="" "UserPassword"="" . Completion time: 2010-10-15 23:23:30 ComboFix-quarantined-files.txt 2010-10-15 22:23 Pre-Run: 52,884,918,272 bytes free Post-Run: 52,851,712,000 bytes free - - End Of File - - 5B496AEA557E394CE5521BD2803A16
DF
« Last Edit: October 15, 2010, 07:18:13 PM by guestolo »

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
BITS does not work Error 2 file not found
« Reply #15 on: October 15, 2010, 07:19:45 PM »
Can you do me a favor? Your log wasn't very legible.
I tried to fix it with d'Rap, but it didn't work all that well.

Can you reopen ComboFix.txt in Notepad?
Click on FORMAT on the top menu and uncheck WORD WRAP, then repost that log.

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline dlaw86

  • Newbie
  • *
  • Posts: 9
  • Karma: +0/-0
BITS does not work Error 2 file not found
« Reply #16 on: October 15, 2010, 07:21:14 PM »
[quote name='guestolo' date='16 October 2010 - 12:19 AM' timestamp='1287188385' post='472382']
Can you do me a favor? Your log wasn't very legible.
I tried to fix it with d'Rap, but it didn't work all that well.

Can you reopen ComboFix.txt in Notepad?
Click on FORMAT on the top menu and uncheck WORD WRAP, then repost that log.
[/quote]

ComboFix 10-10-14.04 - Li 15/10/2010 23:01:49.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3032.1860 [GMT 1:00]
Running from: c:\users\Li\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\fheydbueyj.exe
c:\fheydbueyj.exe\config.bin
c:\windows\system32\5c89e87aa3.dat

.
((((((((((((((((((((((((( Files Created from 2010-09-15 to 2010-10-15 )))))))))))))))))))))))))))))))
.

2010-10-15 22:19 . 2010-10-15 22:19   --------   d-----w-   c:\users\Default\AppData\Local\temp
2010-10-15 21:58 . 2010-10-15 21:59   --------   d-----w-   C:\32788R22FWJFW
2010-10-15 21:44 . 2010-10-15 22:19   --------   d-----w-   c:\users\Li\AppData\Local\temp
2010-10-15 20:28 . 2010-10-15 20:28   --------   d-----w-   c:\users\Li\AppData\Roaming\Malwarebytes
2010-10-15 20:28 . 2010-04-29 14:39   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-15 20:28 . 2010-10-15 20:28   --------   d-----w-   c:\programdata\Malwarebytes
2010-10-15 20:28 . 2010-10-15 20:28   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2010-10-15 20:28 . 2010-04-29 14:39   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
2010-10-15 18:17 . 2010-10-15 18:17   388096   ----a-r-   c:\users\Li\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-10-15 18:17 . 2010-10-15 18:17   --------   d-----w-   c:\program files\Trend Micro
2010-10-15 11:54 . 2010-10-15 12:57   --------   d-----w-   c:\users\Li\AppData\Roaming\AVG
2010-10-15 10:38 . 2010-10-15 10:38   --------   d-----w-   c:\windows\CheckSur
2010-10-15 10:30 . 2010-10-15 10:30   --------   d-----w-   c:\users\Li\AppData\Roaming\Sunbelt
2010-10-15 10:30 . 2010-10-15 10:30   --------   d-----w-   c:\programdata\Sunbelt
2010-10-15 10:30 . 2010-10-15 10:30   --------   d-----w-   c:\program files\Sunbelt Software
2010-10-15 09:24 . 2010-10-15 09:24   --------   d-----w-   C:\8212b806078424617daad2
2010-10-15 09:22 . 2010-10-15 09:22   --------   d-----w-   C:\933005583f2654c61388bf5e
2010-10-15 08:52 . 2010-10-15 09:26   --------   d-----w-   C:\037172ef4a8cb5d6ced02f48
2010-10-14 15:05 . 2010-10-14 15:05   --------   d-----w-   C:\5c250211bac71a1e100fc47942
2010-10-14 14:59 . 2010-10-14 14:59   --------   d-----w-   C:\cd55a624b5fb66d6eff42459f55c
2010-10-14 14:50 . 2010-10-14 14:50   --------   d-----w-   C:\8152dc79096dc4402aca
2010-10-14 14:09 . 2010-10-14 14:19   --------   d-----w-   c:\programdata\DAEMON Tools Pro
2010-10-14 11:13 . 2010-10-14 11:13   --------   d-----w-   C:\$AVG
2010-10-14 10:44 . 2010-10-14 10:44   --------   d--h--w-   c:\programdata\Common Files
2010-10-14 10:43 . 2010-10-15 17:12   --------   d-----w-   c:\windows\system32\drivers\AVG
2010-10-14 10:43 . 2010-10-14 14:05   --------   d-----w-   c:\programdata\AVG10
2010-10-14 10:42 . 2010-10-15 11:52   --------   d-----w-   c:\program files\AVG
2010-10-14 10:38 . 2010-10-14 10:42   --------   d-----w-   c:\programdata\MFAData
2010-10-14 09:39 . 2009-10-09 21:55   39424   ----a-w-   c:\windows\system32\bitsigd.dll
2010-10-14 09:39 . 2009-10-09 21:55   18432   ----a-w-   c:\windows\system32\bitsperf.dll
2010-10-14 09:39 . 2009-10-09 21:55   584704   ----a-w-   c:\windows\system32\qmgr.dll
2010-10-14 09:39 . 2009-10-09 21:55   17920   ----a-w-   c:\windows\system32\bitsprx5.dll
2010-10-14 09:39 . 2009-10-09 21:55   10240   ----a-w-   c:\windows\system32\bitsprx6.dll
2010-10-14 09:39 . 2009-10-09 21:55   9216   ----a-w-   c:\windows\system32\bitsprx4.dll
2010-10-14 09:39 . 2009-10-09 21:55   10752   ----a-w-   c:\windows\system32\bitsprx2.dll
2010-10-14 09:39 . 2009-10-09 21:55   10240   ----a-w-   c:\windows\system32\bitsprx3.dll
2010-10-14 09:39 . 2009-10-09 21:55   20480   ----a-w-   c:\windows\system32\qmgrprxy.dll
2010-10-14 09:22 . 2010-10-15 09:37   --------   d-----w-   c:\program files\Windows Live Safety Center
2010-10-13 21:46 . 2010-10-13 21:46   --------   d-----w-   c:\program files\CCleaner
2010-10-13 21:01 . 2009-10-05 14:20   907832   ----a-w-   c:\windows\system32\drivers\tcpip.sys
2010-10-13 21:01 . 2009-10-05 11:39   31232   ----a-w-   c:\windows\system32\drivers\tcpipreg.sys
2010-10-13 20:59 . 2009-09-18 10:21   170496   ----a-w-   c:\windows\system32\tcpipcfg.dll
2010-10-13 20:59 . 2009-09-18 10:20   22528   ----a-w-   c:\windows\system32\netiougc.exe
2010-10-13 20:55 . 2009-11-06 10:51   197632   ----a-w-   c:\windows\system32\drivers\usbhub.sys
2010-10-13 20:55 . 2009-11-06 10:51   73216   ----a-w-   c:\windows\system32\drivers\usbccgp.sys
2010-10-13 20:55 . 2009-11-06 10:51   228352   ----a-w-   c:\windows\system32\drivers\usbport.sys
2010-10-13 20:55 . 2009-11-06 10:50   39936   ----a-w-   c:\windows\system32\drivers\usbehci.sys
2010-10-13 20:55 . 2009-11-06 10:50   23552   ----a-w-   c:\windows\system32\drivers\usbuhci.sys
2010-10-13 20:55 . 2009-11-06 10:50   5888   ----a-w-   c:\windows\system32\drivers\usbd.sys
2010-10-13 20:42 . 2010-10-13 20:42   --------   d-----w-   C:\ba8cf1429f4fac3d2f0de7
2010-10-13 20:42 . 2009-07-18 09:23   33280   ----a-w-   c:\windows\system32\drivers\watchdog.sys
2010-10-13 20:30 . 2010-02-26 01:03   527360   ------w-   c:\windows\system32\stapi32.dll
2010-10-13 20:29 . 2010-01-12 01:01   139776   ----a-w-   c:\windows\system32\aestacap.dll
2010-10-13 20:29 . 2009-10-09 23:45   380928   ----a-w-   c:\windows\system32\aestecap.dll
2010-10-13 20:29 . 2009-03-03 00:57   61440   ----a-w-   c:\windows\system32\aestaren.dll
2010-10-13 20:29 . 2009-05-13 02:26   47104   ----a-w-   c:\windows\system32\ctppld.dll
2010-10-13 20:29 . 2010-02-26 01:03   536576   ----a-w-   c:\windows\system32\idtmini1.exe
2010-10-13 20:29 . 2010-02-26 01:03   3350528   ----a-w-   c:\windows\system32\stlang.dll
2010-10-13 20:29 . 2010-02-26 01:03   12460124   ----a-w-   c:\windows\system32\idtcpl.cpl
2010-10-13 20:28 . 2010-02-26 01:03   175616   ----a-w-   c:\windows\system32\st326272.dll
2010-10-13 20:26 . 2009-07-14 17:45   445008   ----a-w-   c:\windows\system32\drivers\Wdf01000.sys
2010-10-13 20:26 . 2009-07-14 17:45   38480   ----a-w-   c:\windows\system32\drivers\WdfLdr.sys
2010-10-13 20:24 . 2009-07-14 11:27   1461992   ----a-w-   c:\windows\system32\WdfCoInstaller01009.dll
2010-10-13 20:24 . 2010-04-15 12:36   252536   ----a-w-   c:\windows\system32\drivers\Apfiltr.sys
2010-10-13 19:58 . 2010-10-13 19:58   --------   d-----w-   c:\users\Li\AppData\Local\Dell
2010-10-05 22:27 . 2010-10-05 22:27   --------   d-----w-   c:\users\Li\AppData\Local\DBControl
2010-09-29 14:47 . 2010-09-29 14:47   --------   d-----w-   c:\program files\iPod
2010-09-29 14:47 . 2010-09-29 14:48   --------   d-----w-   c:\program files\iTunes
2010-09-29 14:43 . 2010-09-29 14:43   --------   d-----w-   c:\program files\Bonjour
2010-09-29 12:42 . 2009-11-08 17:55   99176   ----a-w-   c:\windows\system32\PresentationHostProxy.dll
2010-09-29 12:42 . 2009-11-08 17:55   49472   ----a-w-   c:\windows\system32\netfxperf.dll
2010-09-29 12:42 . 2009-11-08 17:55   297808   ----a-w-   c:\windows\system32\mscoree.dll
2010-09-29 12:42 . 2009-11-08 17:55   295264   ----a-w-   c:\windows\system32\PresentationHost.exe
2010-09-29 12:42 . 2009-11-08 17:55   1130824   ----a-w-   c:\windows\system32\dfshim.dll
2010-09-17 10:50 . 2010-09-17 10:50   --------   d-----w-   c:\users\Li\AppData\Local\Orange
2010-09-17 10:49 . 2010-10-06 21:04   --------   d-----w-   c:\program files\Orange Toolbar UK
2010-09-17 10:49 . 2010-09-17 10:49   --------   d-----w-   c:\program files\Orange
2010-09-17 10:49 . 2007-06-21 11:05   116736   ----a-w-   c:\windows\Uninstall_Livebox.EXE

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44   1400712   ----a-w-   c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2009-11-12 2923192]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-11 39408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-04-05 288040]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-11-17 3810304]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-05-07 178712]
"Dell DataSafe Online"="c:\program files\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-06-03 206064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-08-20 1164584]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-02-26 495708]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-01-16 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-01-16 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-01-16 150552]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2010-09-15 2745696]
"SBAMTray"="c:\program files\Sunbelt Software\CounterSpy\SBAMTray.exe" [2010-08-20 1348944]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

c:\users\Li\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-24 1295656]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Audible Download Manager.lnk - c:\program files\Audible\Bin\AudibleDownloadHelper.exe [2010-4-23 1795488]

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-24 1295656]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-03-17 22:40   10536   ----a-w-   c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ    autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42   36272   ----a-w-   c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2009-10-19 09:57   323392   ----a-w-   c:\users\Li\Program Files\DNA\btdna.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-09-24 01:10   421160   ----a-w-   c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 21:12   3872080   ----a-w-   c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2008-05-23 19:06   128296   ------w-   c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 10:17   421888   ----a-w-   c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QvodPlayer]
2009-06-11 11:06   537992   ----a-w-   c:\program files\QvodPlayer\QvodTerminal.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-10-24 10:20   1217808   ----a-w-   c:\program files\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-04-01 19:59   198160   ----a-w-   c:\program files\Common Files\Real\Update_OB\realsched.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1ca1a74e50fc337;Google Update Service (gupdate1ca1a74e50fc337);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-11 133104]
R3 rsvcdwdr;rsvcdwdr;c:\windows\system32\DRIVERS\rsvcdwdr.sys [2010-04-19 33384]
R3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [2008-11-11 23096]
R3 SndTVideo;SndTVideo;c:\windows\system32\DRIVERS\SndTVideo.sys [2008-11-11 3768]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-10-12 436792]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2010-09-07 249424]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2010-09-07 298448]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2010-05-13 98392]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\aestsrv.exe [2009-03-03 81920]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-09-03 6104144]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [2010-09-10 265400]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-09-24 155648]
S2 SBAMSvc;CounterSpy Antispyware;c:\program files\Sunbelt Software\CounterSpy\SBAMSvc.exe [2010-08-20 2763080]
S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [2010-06-14 69976]
S2 SBPIMSvc;SB Recovery Service;c:\program files\Sunbelt Software\CounterSpy\SBPIMSvc.exe [2010-08-20 181584]
S2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32coinst,serviceStartProc

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 123472]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 30288]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-19 27216]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
ComnGrp   REG_MULTI_SZ    ComnCena
HPZ12   REG_MULTI_SZ    Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt   REG_MULTI_SZ    hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 18:02   114688   ----a-w-   c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder

2010-10-15 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-11 11:13]

2010-10-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-11 11:14]

2010-10-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-11 11:14]

2010-10-10 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2010-02-27 15:30]

2010-10-15 c:\windows\Tasks\User_Feed_Synchronization-{3BBF72A4-3175-489E-8690-9A51A8D140CD}.job
- c:\windows\system32\msfeedssync.exe [2009-10-19 03:41]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://uk.ask.com?o=15438&l=dis
mStart Page = hxxp://www.Google.com/
uInternet Settings,ProxyOverride = *.local
Trusted Zone: 111222.cn\list1
Trusted Zone: pps.tv\kan
Trusted Zone: pps.tv\list1
Trusted Zone: pps.tv\tvguide
Trusted Zone: pps.tv\vodguide
Trusted Zone: ppstream.com\list1
Trusted Zone: ppstream.com\notice
Trusted Zone: ppstream.com\xml1
Trusted Zone: ppstream.com\xml2
Trusted Zone: ppstream.com\xml3
Trusted Zone: ppstream.net\list1
Trusted Zone: ppstv.com\list1
Trusted Zone: ppstv.net\list1
Trusted Zone: security_PPStream.exe
DPF: {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} - hxxp://t.live.cctv.com/ieocx/CCTVUpdateInstall.dll
FF - ProfilePath - c:\users\Li\AppData\Roaming\Mozilla\Firefox\Profiles\1nzx694r.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=BT5&o=15435&locale=en_UK&apn_uid=BBD1ED93-83EA-4395-9FCD-2D2F5FB5A448&apn_ptnrs=GG&apn_sauid=43CCB9ED-EFB8-47BA-A6F6-F73D363E5053&apn_dtid=YYYYYYB3GB&q=
FF - component: c:\program files\AVG\AVG10\Firefox\components\avgssff.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Li\AppData\Roaming\Mozilla\Firefox\Profiles\1nzx694r.default\extensions\[email protected]\plugins\npCCTVplayer.dll
FF - plugin: c:\users\Li\AppData\Roaming\Mozilla\Firefox\Profiles\1nzx694r.default\extensions\[email protected]\plugins\npTVUAx.dll
FF - plugin: c:\users\Li\Program Files\DNA\plugins\npbtdna.dll
FF - plugin: c:\users\Li\Program Files\DNA\plugins\npbtdna.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3487666453-464672847-2176158843-1000\Software\G*e*n*i*e*"!\FM Genie Scout 10]
"GameDir"="c:\\Users\\Li\\Documents\\Sports Interactive\\Football Manager 2010\\games"
"ShortlistDir"=""
"ScreenshotsDir"="c:\\Users\\Li\\Documents\\Sports Interactive\\Football Manager 2010"
"SaveDir"="c:\\Users\\Li\\Documents\\Sports Interactive\\Football Manager 2010\\"
"HistoryDir"="c:\\Users\\Li\\Desktop\\New Folder (2)\\FM Genie Scout 10\\History Points"
"LangDB"=""
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000000
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:00009d10
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000072
"UniqueID"="E5-8380-E7DF"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
.
Completion time: 2010-10-15 23:23:30
ComboFix-quarantined-files.txt 2010-10-15 22:23

Pre-Run: 52,884,918,272 bytes free
Post-Run: 52,851,712,000 bytes free

- - End Of File - - 5B496AEA557E394CE5521BD2803A16DF

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
BITS does not work Error 2 file not found
« Reply #17 on: October 16, 2010, 02:32:22 PM »
Can you do the following for me, please?
I just want a double check of what is installed and needs to be updated.

Download and unzip to your desktop InstalledPrograms.zip
Right-click on InstalledPrograms.vbs and choose "Run as Admin".

Click OK at the IP prompt and click YES to view the results now.
A text file will open; can you copy and paste the whole contents back here?

In addition:
Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/