Author Topic: Hardrive error missing all files (Read 1773 times)

mengskx · « **on:** April 14, 2011, 10:42:32 PM »

My brothers laptop is getting harddrive error and all the files on the computer are gone when logging into windows. The only thing that pops up is an error message and a program called WindowsFixDisk which tells me I have harddrive errors

"Error
Unable to create C:\Documents and Settings\Jason\Local Settings\Application Data\BVRP Software\NetWaiting\MoHlog.txt file"

After a few minutes of the computer running another error pops up.
"Hard Drive Failure
The System has detected a problem with one or more installed IDE/SATA hard disks. It is recommended that you restart the system."

Im worried to do anything before your suggestions.

guestolo · « **Reply #1 on:** April 14, 2011, 10:47:59 PM »

Download [color="#FF0000"]OTL.exe[/color][/url] by OldTimer to your Desktop.

Close all windows and double click on OTL.exe to run it
Click Run Scan and let the program run uninterrupted.
It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.

Edit: If you cannot run OTL.exe, simply post back and let me know please
We'll try alternate instructions

mengskx · « **Reply #2 on:** April 15, 2011, 02:00:01 AM »

OTL logfile created on: 4/15/2011 1:53:15 AM - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Jason\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 434.00 Mb Available Physical Memory | 42.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 79.18 Gb Total Space | 55.16 Gb Free Space | 69.67% Space Free | Partition Type: NTFS
Drive D: | 26.42 Gb Total Space | 1.91 Gb Free Space | 7.24% Space Free | Partition Type: NTFS

Computer Name: D70YBRB1 | User Name: Jason | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/15 01:52:28 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jason\Desktop\OTL.exe
PRC - [2011/04/14 18:30:28 | 000,475,136 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\19455796.exe
PRC - [2011/04/14 18:20:18 | 000,552,960 | -H-- | M] (WinSCP) -- C:\Documents and Settings\All Users\Application Data\sAaAVcAvvOACS.exe
PRC - [2011/03/14 20:52:55 | 002,071,904 | -H-- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/11/24 16:38:16 | 000,725,344 | -H-- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/09/23 16:19:24 | 000,621,920 | -H-- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/07/15 10:40:22 | 000,515,424 | -H-- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/07/15 10:40:19 | 000,308,136 | -H-- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/07/15 10:38:58 | 001,101,152 | -H-- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2007/06/13 05:23:07 | 001,033,216 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/12/21 20:17:44 | 000,185,896 | -H-- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2006/11/11 21:54:59 | 000,555,008 | -H-- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
PRC - [2006/11/11 21:54:59 | 000,415,744 | -H-- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
PRC - [2006/08/03 19:51:42 | 001,032,192 | -H-- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/08/03 19:50:46 | 000,380,928 | -H-- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/05/01 10:34:00 | 000,262,217 | -H-- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2006/05/01 10:28:26 | 000,602,182 | -H-- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2006/05/01 10:28:06 | 000,667,718 | -H-- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2006/05/01 10:26:14 | 000,397,381 | -H-- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2006/03/30 09:15:44 | 000,096,341 | -H-- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006/03/25 00:30:44 | 000,282,624 | -H-- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/01/02 18:41:22 | 000,045,056 | -H-- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2003/09/10 03:24:00 | 000,020,480 | -H-- | M] () -- C:\Program Files\NetWaiting\netwaiting.exe

========== Modules (SafeList) ==========

MOD - [2011/04/15 01:52:28 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jason\Desktop\OTL.exe
MOD - [2006/08/25 10:45:55 | 001,054,208 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2010/11/25 09:49:46 | 000,517,448 | -H-- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/07/15 10:40:19 | 000,308,136 | -H-- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2006/08/03 19:50:46 | 000,380,928 | -H-- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2006/05/01 10:34:00 | 000,262,217 | -H-- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel(R)
SRV - [2006/03/30 09:15:44 | 000,096,341 | -H-- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)

========== Driver Services (SafeList) ==========

DRV - [2010/07/15 10:40:25 | 000,243,024 | -H-- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/15 10:39:00 | 000,216,400 | -H-- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/02 14:12:15 | 000,029,584 | -H-- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2006/08/25 08:23:08 | 000,044,544 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/05/24 19:07:18 | 000,328,237 | -H-- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/05/24 19:05:26 | 000,023,271 | -H-- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/05/24 19:04:04 | 000,851,434 | -H-- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/05/24 19:01:34 | 000,030,427 | -H-- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/05/24 19:01:22 | 000,030,285 | -H-- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006/05/24 19:00:50 | 000,066,488 | -H-- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/05/24 18:58:18 | 000,148,900 | -H-- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/05/24 18:57:00 | 000,045,683 | -H-- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006/05/23 15:06:36 | 001,578,496 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/05/01 10:52:02 | 000,013,568 | -H-- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006/04/27 00:13:04 | 001,429,632 | -H-- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2006/03/25 00:34:30 | 001,156,648 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/10/14 16:40:18 | 000,307,968 | -H-- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/14 16:40:18 | 000,051,328 | -H-- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/10/14 16:40:18 | 000,028,544 | -H-- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/08/12 18:50:46 | 000,016,128 | -H-- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/07/22 04:02:12 | 001,035,008 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 04:01:08 | 000,201,600 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 04:01:00 | 000,717,952 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/02/13 17:46:00 | 000,017,153 | -H-- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.2
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4bf327bc&v=6.103.018.001&i=23&tp=ab&iy=&ychte=us&lng=en-US&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/11/24 19:05:41 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2011/03/26 14:08:44 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/30 19:45:00 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/30 19:45:00 | 000,000,000 | -H-D | M]

[2008/11/23 20:18:38 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\Jason\Application Data\Mozilla\Extensions
[2011/04/14 18:25:18 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\Jason\Application Data\Mozilla\Firefox\Profiles\zgf6szca.default\extensions
[2011/01/23 14:31:48 | 000,000,000 | -H-D | M] (Diccionario espaÃ±ol Mexico) -- C:\Documents and Settings\Jason\Application Data\Mozilla\Firefox\Profiles\zgf6szca.default\extensions\[email protected]
[2011/04/14 18:25:12 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/16 18:29:41 | 000,000,000 | -H-D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/11/24 19:05:41 | 000,000,000 | -H-D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG9\FIREFOX
[2011/03/26 14:08:44 | 000,000,000 | -H-D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="6.103.018.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG9\TOOLBAR\FIREFOX\AVG@IGEARED
[2010/05/16 18:29:24 | 000,411,368 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/05/15 21:33:59 | 000,000,027 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar5.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar5.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar5.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (rootkit-scan)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netwaiting.exe ()
O4 - HKCU..\Run: [sAaAVcAvvOACS] C:\Documents and Settings\All Users\Application Data\sAaAVcAvvOACS.exe (WinSCP)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O15 - HKCU\..Trusted Domains: discounttire.com ([www] http in Trusted sites)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebook.com/controls/FacebookPhotoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 64.233.207.9 64.233.207.8
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\Jason\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jason\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5fa255e9-92c4-11db-893f-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{5fa255e9-92c4-11db-893f-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5fa255e9-92c4-11db-893f-00038a000015}\Shell\AutoRun\command - "" = F:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/15 01:54:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jason\Recent
[2011/04/14 18:30:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jason\Start Menu\Programs\Windows Fix Disk
[2011/04/14 18:20:26 | 000,552,960 | -H-- | C] (WinSCP) -- C:\Documents and Settings\All Users\Application Data\sAaAVcAvvOACS.exe
[2011/03/26 15:41:18 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jason\Desktop\Nutrition Guide
[2011/03/26 15:41:17 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jason\Desktop\Fitness Guide
[2006/12/26 20:18:10 | 036,808,256 | -H-- | C] (Apple Computer, Inc.) -- C:\Program Files\iTunesSetup.exe

========== Files - Modified Within 30 Days ==========

[2011/04/15 01:53:48 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\Jason\Local Settings\Application Data\prvlcl.dat
[2011/04/15 01:52:28 | 000,580,608 | -H-- | M] (OldTimer Tools) -- C:\Documents and Settings\Jason\Desktop\OTL.exe
[2011/04/15 01:48:53 | 000,000,880 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/15 01:48:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/15 01:48:42 | 1072,103,424 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/14 18:30:42 | 000,000,112 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~19455796
[2011/04/14 18:30:41 | 000,000,152 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~19455796r
[2011/04/14 18:30:39 | 000,000,813 | -H-- | M] () -- C:\Documents and Settings\Jason\Desktop\Windows Fix Disk.lnk
[2011/04/14 18:30:32 | 000,000,336 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\19455796
[2011/04/14 18:30:28 | 000,475,136 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\19455796.exe
[2011/04/14 18:20:18 | 000,552,960 | -H-- | M] (WinSCP) -- C:\Documents and Settings\All Users\Application Data\sAaAVcAvvOACS.exe
[2011/04/14 18:19:40 | 074,648,406 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011/04/14 18:16:01 | 000,000,884 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/03 22:58:01 | 000,093,696 | -H-- | M] () -- C:\Documents and Settings\Jason\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/03 20:48:51 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/04/03 20:48:51 | 000,001,409 | -H-- | M] () -- C:\WINDOWS\QTFont.for

========== Files Created - No Company Name ==========

[2011/04/14 18:30:41 | 000,000,152 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~19455796r
[2011/04/14 18:30:41 | 000,000,112 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~19455796
[2011/04/14 18:30:39 | 000,000,813 | -H-- | C] () -- C:\Documents and Settings\Jason\Desktop\Windows Fix Disk.lnk
[2011/04/14 18:30:32 | 000,000,336 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\19455796
[2011/04/14 18:30:06 | 000,475,136 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\19455796.exe
[2011/04/03 20:48:51 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2011/04/03 20:48:51 | 000,001,409 | -H-- | C] () -- C:\WINDOWS\QTFont.for
[2010/05/27 11:00:43 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Jason\Local Settings\Application Data\prvlcl.dat
[2007/07/07 15:02:54 | 000,000,770 | -H-- | C] () -- C:\Documents and Settings\Jason\Application Data\wklnhst.dat
[2007/03/31 16:01:27 | 000,000,002 | -H-- | C] () -- C:\WINDOWS\msoffice.ini
[2006/12/26 23:13:15 | 000,000,249 | -H-- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2006/12/26 23:13:13 | 004,315,539 | -H-- | C] () -- C:\WINDOWS\Bikini 21st Century Amy Fadhli.dat
[2006/12/26 23:13:13 | 000,180,224 | -H-- | C] () -- C:\WINDOWS\UninstallWSST.exe
[2006/11/26 13:12:45 | 000,093,696 | -H-- | C] () -- C:\Documents and Settings\Jason\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/26 12:19:04 | 000,003,766 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/11/26 12:19:04 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\DAB292675E.sys
[2006/11/12 12:53:44 | 008,506,408 | -H-- | C] () -- C:\Program Files\Install_AIM.exe
[2006/11/11 22:37:15 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jason\Local Settings\Application Data\fusioncache.dat
[2006/11/11 22:06:02 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2006/11/11 22:00:24 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2006/11/11 21:51:42 | 000,149,504 | -H-- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/11/11 21:50:44 | 000,712,704 | -H-- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/11/11 21:48:10 | 000,000,138 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2006/11/11 21:46:44 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2006/11/11 21:42:54 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006/11/08 10:26:28 | 000,024,576 | -H-- | C] () -- C:\WINDOWS\System32\DSRIRREM.EXE
[2006/11/08 10:25:52 | 000,127,614 | -H-- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/11/08 10:25:38 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/11/08 10:25:28 | 000,016,480 | -H-- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/11/08 10:24:52 | 000,000,391 | -H-- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/08/23 04:33:46 | 000,006,144 | -H-- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2006/05/24 19:16:22 | 000,090,112 | -H-- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006/02/25 06:12:34 | 000,180,224 | -H-- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/02/25 06:09:38 | 000,774,144 | -H-- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/08/16 05:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 05:38:45 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 05:37:24 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 05:33:38 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 05:27:59 | 000,266,208 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 05:18:35 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/16 05:18:33 | 000,382,260 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 05:18:33 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/16 05:18:33 | 000,053,838 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 05:18:33 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/16 05:18:32 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/16 05:18:30 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/16 05:18:28 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/16 05:18:23 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/16 05:18:23 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/16 05:18:15 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/08/16 05:18:08 | 000,001,788 | -H-- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2005/08/05 15:01:54 | 000,235,008 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/07 16:05:08 | 000,002,695 | -H-- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/18 11:02:58 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe
[2002/11/15 08:11:28 | 000,077,824 | -H-- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2002/10/06 14:42:58 | 000,237,568 | -H-- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002/10/04 19:04:26 | 000,921,600 | -H-- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002/10/04 19:04:26 | 000,188,416 | -H-- | C] () -- C:\WINDOWS\System32\VORBIS.DLL
[2002/10/04 19:04:18 | 000,045,056 | -H-- | C] () -- C:\WINDOWS\System32\OGG.DLL
[2001/11/14 14:56:00 | 001,802,240 | -H-- | C] () -- C:\WINDOWS\System32\lcppn21.dll

< End of report >

mengskx · « **Reply #3 on:** April 15, 2011, 02:15:45 AM »

I cant get the other log it disappeared shortly after along with OTL on the desktop.

guestolo · « **Reply #4 on:** April 15, 2011, 08:55:45 AM »

Download and Save directly to your desktop
iExplore.exe
Make sure it's saved to your desktop

double-click on the iExplore.exe
When it has finished, the black window will automatically close
If you get a message that RKill is an infection, do not be concerned. This message is just a fake warning given by WindowsFixDisk when it terminates programs that may potentially remove it. If you run into these infections warnings that close RKill, a trick is to leave the warning on the screen and then run RKill again.

NOTE: If you can't find iExplore.exe, because it's hidden
do the following
click on the Start button and then click on the Run menu option. In the Open: field enter [color="#FF0000"]%userprofile%\desktop\iexplore.exe[/color] and press the OK button. If Windows prompts you to allow it to run, please allow it to do so.

download Malwarebytes' Anti-Malware from Here or Here
Save the installer to desktop

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

NOTE: If you are having trouble downloading MBAM because of redirection
Try the next step first

1.

Download [color="#0000FF"]TDSSKiller[/color] and save it to your Desktop.
Extract its contents to your desktop.
Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

mengskx · « **Reply #5 on:** April 15, 2011, 11:56:57 AM »

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6369

Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.11

4/15/2011 11:55:40 AM
mbam-log-2011-04-15 (11-55-40).txt

Scan type: Quick scan
Objects scanned: 164394
Time elapsed: 8 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 3
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sAaAVcAvvOACS (Trojan.FakeAlert) -> Value: sAaAVcAvvOACS -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\24d1ca9a-a864-4f7b-86fe-495eb56529d8 (Malware.Trace) -> Value: 24d1ca9a-a864-4f7b-86fe-495eb56529d8 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\7bde84a2-f58f-46ec-9eac-f1f90fead080 (Malware.Trace) -> Value: 7bde84a2-f58f-46ec-9eac-f1f90fead080 -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\all users\application data\saaavcavvoacs.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\19455796.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

guestolo · « **Reply #6 on:** April 16, 2011, 11:26:11 AM »

sorry for the delay, can you do the following please
Can I have you still run TDSSKiller as instructed in my last reply, and post it's log
Let's ensure that tdss rootkit is not around

In addition:
If any of your files are still hidden, let's unhide them
Download and save to desktop Unhide.exe
double-click on the Unhide.exe icon on your desktop and allow the program to run

Can you double click on OTL.exe to open it
Ensure under "Extra Registry" that you select 'Use Safelist'
Then click on Run Scan
When the scan is done, can you post back both logs please, along with the TDSSKiller log

Keep me informed how things are now running

mengskx · « **Reply #7 on:** April 16, 2011, 06:26:55 PM »

2011/04/16 18:22:36.0983 0512   TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/16 18:22:37.0108 0512   ================================================================================
2011/04/16 18:22:37.0108 0512   SystemInfo:
2011/04/16 18:22:37.0108 0512
2011/04/16 18:22:37.0108 0512   OS Version: 5.1.2600 ServicePack: 2.0
2011/04/16 18:22:37.0108 0512   Product type: Workstation
2011/04/16 18:22:37.0108 0512   ComputerName: D70YBRB1
2011/04/16 18:22:37.0108 0512   UserName: Jason
2011/04/16 18:22:37.0108 0512   Windows directory: C:\WINDOWS
2011/04/16 18:22:37.0108 0512   System windows directory: C:\WINDOWS
2011/04/16 18:22:37.0108 0512   Processor architecture: Intel x86
2011/04/16 18:22:37.0108 0512   Number of processors: 1
2011/04/16 18:22:37.0108 0512   Page size: 0x1000
2011/04/16 18:22:37.0108 0512   Boot type: Normal boot
2011/04/16 18:22:37.0108 0512   ================================================================================
2011/04/16 18:22:37.0498 0512   Initialize success
2011/04/16 18:22:57.0686 3248   ================================================================================
2011/04/16 18:22:57.0686 3248   Scan started
2011/04/16 18:22:57.0686 3248   Mode: Manual;
2011/04/16 18:22:57.0686 3248   ================================================================================
2011/04/16 18:22:58.0123 3248   abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2011/04/16 18:22:58.0186 3248   ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/04/16 18:22:58.0233 3248   ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/04/16 18:22:58.0279 3248   adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2011/04/16 18:22:58.0358 3248   aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
2011/04/16 18:22:58.0404 3248   AegisP (91f3df93f40a74d222cd166fe95db633) C:\WINDOWS\system32\DRIVERS\AegisP.sys
2011/04/16 18:22:58.0498 3248   AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
2011/04/16 18:22:58.0623 3248   agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/04/16 18:22:58.0701 3248   agpCPQ (67288b07d6aba6c1267b626e67bc56fd) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2011/04/16 18:22:58.0764 3248   Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2011/04/16 18:22:58.0811 3248   aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2011/04/16 18:22:58.0889 3248   aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2011/04/16 18:22:58.0983 3248   AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2011/04/16 18:22:59.0029 3248   alim1541 (f312b7cef21eff52fa23056b9d815fad) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2011/04/16 18:22:59.0061 3248   amdagp (675c16a3c1f8482f85ee4a97fc0dde3d) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2011/04/16 18:22:59.0092 3248   amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2011/04/16 18:22:59.0139 3248   APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
2011/04/16 18:22:59.0170 3248   Arp1394 (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/04/16 18:22:59.0201 3248   asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2011/04/16 18:22:59.0217 3248   asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2011/04/16 18:22:59.0279 3248   asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2011/04/16 18:22:59.0342 3248   AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/04/16 18:22:59.0404 3248   atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/04/16 18:22:59.0561 3248   ati2mtag (2573c08729dd52b7b4f18df1592e0b37) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/04/16 18:22:59.0717 3248   Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/04/16 18:22:59.0795 3248   audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/04/16 18:22:59.0858 3248   AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\WINDOWS\system32\Drivers\avgldx86.sys
2011/04/16 18:22:59.0889 3248   AvgMfx86 (53b3f979930a786a614d29cafe99f645) C:\WINDOWS\system32\Drivers\avgmfx86.sys
2011/04/16 18:22:59.0936 3248   AvgTdiX (22e3b793c3e61720f03d3a22351af410) C:\WINDOWS\system32\Drivers\avgtdix.sys
2011/04/16 18:22:59.0983 3248   bcm4sbxp (6489310d11971f6ba6c7f49be0baf6e0) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
2011/04/16 18:23:00.0014 3248   Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/04/16 18:23:00.0108 3248   Bridge (e4e6a0922e3d983728c9ad4e8d466954) C:\WINDOWS\system32\DRIVERS\bridge.sys
2011/04/16 18:23:00.0123 3248   BridgeMP (e4e6a0922e3d983728c9ad4e8d466954) C:\WINDOWS\system32\DRIVERS\bridge.sys
2011/04/16 18:23:00.0295 3248   btaudio (8893ae0b6b9b60e0521a60e8b2160216) C:\WINDOWS\system32\drivers\btaudio.sys
2011/04/16 18:23:00.0389 3248   BTDriver (fde318e3569f57264af74b7e431f60ae) C:\WINDOWS\system32\DRIVERS\btport.sys
2011/04/16 18:23:00.0529 3248   BTKRNL (9c3c8b9e2eda516eb44b51dab81dbd68) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
2011/04/16 18:23:00.0717 3248   BTSERIAL (089f7526ff41c17b0a43896d0553d5a2) C:\WINDOWS\system32\drivers\btserial.sys
2011/04/16 18:23:00.0779 3248   BTWDNDIS (28531ab3183f498e58d93d585e6a6b70) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
2011/04/16 18:23:00.0889 3248   btwhid (c5c0e21c67089f053b964e0a8b8adbac) C:\WINDOWS\system32\DRIVERS\btwhid.sys
2011/04/16 18:23:00.0983 3248   btwmodem (7d295223c172ab4d61dc256721b2f09e) C:\WINDOWS\system32\DRIVERS\btwmodem.sys
2011/04/16 18:23:01.0061 3248   BTWUSB (56c701580f2891952761362ba7594b3d) C:\WINDOWS\system32\Drivers\btwusb.sys
2011/04/16 18:23:01.0108 3248   cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2011/04/16 18:23:01.0139 3248   cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/04/16 18:23:01.0170 3248   cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2011/04/16 18:23:01.0217 3248   Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/04/16 18:23:01.0264 3248   Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/04/16 18:23:01.0326 3248   Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/04/16 18:23:01.0404 3248   CmBatt (4266be808f85826aedf3c64c1e240203) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/04/16 18:23:01.0483 3248   CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2011/04/16 18:23:01.0561 3248   Compbatt (df1b1a24bf52d0ebc01ed4ece8979f50) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/04/16 18:23:01.0608 3248   Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2011/04/16 18:23:01.0686 3248   dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2011/04/16 18:23:01.0717 3248   dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2011/04/16 18:23:01.0795 3248   Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/04/16 18:23:01.0873 3248   dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
2011/04/16 18:23:01.0983 3248   dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
2011/04/16 18:23:02.0029 3248   dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/04/16 18:23:02.0139 3248   DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2011/04/16 18:23:02.0217 3248   dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2011/04/16 18:23:02.0279 3248   drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/04/16 18:23:02.0326 3248   drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
2011/04/16 18:23:02.0358 3248   drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
2011/04/16 18:23:02.0420 3248   E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2011/04/16 18:23:02.0483 3248   Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/04/16 18:23:02.0529 3248   Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/04/16 18:23:02.0608 3248   Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
2011/04/16 18:23:02.0670 3248   Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/04/16 18:23:02.0717 3248   FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/04/16 18:23:02.0764 3248   Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/04/16 18:23:02.0826 3248   Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/04/16 18:23:02.0873 3248   GearAspiWDM (4ac51459805264affd5f6fdfb9d9235f) C:\WINDOWS\system32\drivers\GearAspiWDM.sys
2011/04/16 18:23:02.0904 3248   Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/04/16 18:23:02.0967 3248   HDAudBus (e31363d186b3e1d7c4e9117884a6aee5) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/04/16 18:23:03.0076 3248   hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2011/04/16 18:23:03.0139 3248   HSFHWAZL (1c8caa80e91fb71864e9426f9eed048d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
2011/04/16 18:23:03.0279 3248   HSF_DPV (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
2011/04/16 18:23:03.0451 3248   HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/04/16 18:23:03.0576 3248   i2omgmt (8f09f91b5c91363b77bcd15599570f2c) C:\WINDOWS\system32\drivers\i2omgmt.sys
2011/04/16 18:23:03.0608 3248   i2omp (ed6bf9e441fdea13292a6d30a64a24c3) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2011/04/16 18:23:03.0654 3248   i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/04/16 18:23:03.0686 3248   Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/04/16 18:23:03.0748 3248   ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2011/04/16 18:23:03.0811 3248   IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/04/16 18:23:03.0873 3248   intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/04/16 18:23:03.0951 3248   Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/04/16 18:23:04.0014 3248   IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/04/16 18:23:04.0045 3248   IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/04/16 18:23:04.0092 3248   IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/04/16 18:23:04.0233 3248   IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/04/16 18:23:04.0279 3248   IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/04/16 18:23:04.0311 3248   isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/04/16 18:23:04.0358 3248   Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/04/16 18:23:04.0389 3248   kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/04/16 18:23:04.0483 3248   kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
2011/04/16 18:23:04.0529 3248   KSecDD (1be7cc2535d760ae4d481576eb789f24) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/04/16 18:23:04.0686 3248   mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/04/16 18:23:04.0779 3248   MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
2011/04/16 18:23:04.0842 3248   mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/04/16 18:23:04.0889 3248   Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
2011/04/16 18:23:04.0936 3248   Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/04/16 18:23:04.0967 3248   mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/04/16 18:23:05.0014 3248   MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/04/16 18:23:05.0061 3248   mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2011/04/16 18:23:05.0123 3248   MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/04/16 18:23:05.0217 3248   MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/04/16 18:23:05.0326 3248   Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2011/04/16 18:23:05.0420 3248   MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/04/16 18:23:05.0483 3248   MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/04/16 18:23:05.0545 3248   MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/04/16 18:23:05.0592 3248   mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/04/16 18:23:05.0670 3248   Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2011/04/16 18:23:05.0733 3248   NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2011/04/16 18:23:05.0795 3248   NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/04/16 18:23:05.0842 3248   Ndisuio (eefa1ce63805d2145978621be5c6d955) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/04/16 18:23:05.0889 3248   NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/04/16 18:23:05.0936 3248   NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/04/16 18:23:06.0061 3248   NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/04/16 18:23:06.0123 3248   NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/04/16 18:23:06.0201 3248   NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/04/16 18:23:06.0264 3248   Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2011/04/16 18:23:06.0373 3248   Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/04/16 18:23:06.0498 3248   Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/04/16 18:23:06.0654 3248   nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/04/16 18:23:06.0795 3248   NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/04/16 18:23:06.0920 3248   NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/04/16 18:23:06.0967 3248   ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/04/16 18:23:07.0045 3248   omci (b17228142cec9b3c222239fd935a37ca) C:\WINDOWS\system32\DRIVERS\omci.sys
2011/04/16 18:23:07.0092 3248   Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/04/16 18:23:07.0123 3248   PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/04/16 18:23:07.0170 3248   ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/04/16 18:23:07.0186 3248   PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/04/16 18:23:07.0248 3248   PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/04/16 18:23:07.0279 3248   Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/04/16 18:23:07.0436 3248   perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2011/04/16 18:23:07.0529 3248   perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2011/04/16 18:23:07.0639 3248   PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/04/16 18:23:07.0670 3248   PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/04/16 18:23:07.0701 3248   Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/04/16 18:23:07.0733 3248   PxHelp20 (f7bb4e7a7c02ab4a2672937e124e306e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/04/16 18:23:07.0858 3248   ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2011/04/16 18:23:07.0889 3248   Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2011/04/16 18:23:07.0936 3248   ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2011/04/16 18:23:08.0014 3248   ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2011/04/16 18:23:08.0108 3248   ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2011/04/16 18:23:08.0248 3248   RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/04/16 18:23:08.0311 3248   Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/04/16 18:23:08.0358 3248   RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/04/16 18:23:08.0404 3248   Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/04/16 18:23:08.0498 3248   Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/04/16 18:23:08.0576 3248   RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/04/16 18:23:08.0654 3248   rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/04/16 18:23:08.0748 3248   RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/04/16 18:23:08.0873 3248   redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/04/16 18:23:08.0920 3248   rimmptsk (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
2011/04/16 18:23:08.0951 3248   rimsptsk (1bdba2d2d402415a78a4ba766dfe0f7b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
2011/04/16 18:23:08.0983 3248   rismxdp (f774ecd11a064f0debb2d4395418153c) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
2011/04/16 18:23:09.0092 3248   s24trans (2c0e9e777ab1849b43494626c1f308b5) C:\WINDOWS\system32\DRIVERS\s24trans.sys
2011/04/16 18:23:09.0139 3248   sdbus (02fc71b020ec8700ee8a46c58bc6f276) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/04/16 18:23:09.0201 3248   Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/04/16 18:23:09.0295 3248   serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/04/16 18:23:09.0358 3248   Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/04/16 18:23:09.0436 3248   sffdisk (1d9f1bec651815741f088a8fb88e17ee) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
2011/04/16 18:23:09.0576 3248   sffp_sd (586499fd312ffd7f78553f408e71682e) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
2011/04/16 18:23:09.0654 3248   Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/04/16 18:23:09.0764 3248   sisagp (732d859b286da692119f286b21a2a114) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2011/04/16 18:23:09.0889 3248   SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
2011/04/16 18:23:09.0998 3248   Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2011/04/16 18:23:10.0045 3248   splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
2011/04/16 18:23:10.0108 3248   sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/04/16 18:23:10.0233 3248   Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/04/16 18:23:10.0264 3248   sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
2011/04/16 18:23:10.0295 3248   ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
2011/04/16 18:23:10.0389 3248   STHDA (3ad78e22210d3fbd9f76de84a8df19b5) C:\WINDOWS\system32\drivers\sthda.sys
2011/04/16 18:23:10.0561 3248   swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/04/16 18:23:10.0592 3248   swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2011/04/16 18:23:10.0639 3248   symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2011/04/16 18:23:10.0701 3248   symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2011/04/16 18:23:10.0733 3248   sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2011/04/16 18:23:10.0764 3248   sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2011/04/16 18:23:10.0858 3248   SynTP (fa2daa32bed908023272a0f77d625dae) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/04/16 18:23:10.0951 3248   sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/04/16 18:23:11.0029 3248   Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/04/16 18:23:11.0092 3248   TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/04/16 18:23:11.0123 3248   TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/04/16 18:23:11.0154 3248   TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/04/16 18:23:11.0233 3248   tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
2011/04/16 18:23:11.0279 3248   tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
2011/04/16 18:23:11.0311 3248   tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
2011/04/16 18:23:11.0342 3248   tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
2011/04/16 18:23:11.0389 3248   tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
2011/04/16 18:23:11.0436 3248   tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
2011/04/16 18:23:11.0451 3248   tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
2011/04/16 18:23:11.0483 3248   tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
2011/04/16 18:23:11.0514 3248   tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
2011/04/16 18:23:11.0561 3248   TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2011/04/16 18:23:11.0623 3248   Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2011/04/16 18:23:11.0717 3248   ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2011/04/16 18:23:11.0811 3248   Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys
2011/04/16 18:23:11.0889 3248   usbehci (708579b01fed227aadb393cb0c3b4a2c) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/04/16 18:23:11.0967 3248   usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/04/16 18:23:12.0061 3248   usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/04/16 18:23:12.0139 3248   USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/04/16 18:23:12.0233 3248   usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/04/16 18:23:12.0295 3248   VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2011/04/16 18:23:12.0326 3248   viaagp (d92e7c8a30cfd14d8e15b5f7f032151b) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2011/04/16 18:23:12.0404 3248   ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/04/16 18:23:12.0545 3248   VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/04/16 18:23:12.0733 3248   w39n51 (95c7421f8bafc85ba09d33364058937d) C:\WINDOWS\system32\DRIVERS\w39n51.sys
2011/04/16 18:23:12.0873 3248   Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/04/16 18:23:12.0998 3248   wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/04/16 18:23:13.0108 3248   winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2011/04/16 18:23:13.0264 3248   WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/04/16 18:23:13.0608 3248   ================================================================================
2011/04/16 18:23:13.0608 3248   Scan finished
2011/04/16 18:23:13.0608 3248   ================================================================================

mengskx · « **Reply #8 on:** April 16, 2011, 06:35:20 PM »

OTL logfile created on: 4/16/2011 6:31:57 PM - Run 6
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Jason\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 394.00 Mb Available Physical Memory | 39.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 79.18 Gb Total Space | 55.13 Gb Free Space | 69.63% Space Free | Partition Type: NTFS
Drive D: | 26.42 Gb Total Space | 1.91 Gb Free Space | 7.24% Space Free | Partition Type: NTFS

Computer Name: D70YBRB1 | User Name: Jason | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/15 02:13:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jason\Desktop\OTL.exe
PRC - [2011/03/14 20:52:55 | 002,071,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/11/24 16:38:16 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/09/23 16:19:24 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/07/15 10:40:22 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/07/15 10:40:19 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/07/15 10:38:58 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/02/18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/12/21 20:17:44 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2006/11/11 21:54:59 | 000,555,008 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
PRC - [2006/11/11 21:54:59 | 000,415,744 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
PRC - [2006/08/03 19:51:42 | 001,032,192 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/08/03 19:50:46 | 000,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/05/01 10:34:00 | 000,262,217 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2006/05/01 10:28:26 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2006/05/01 10:28:06 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2006/05/01 10:26:14 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2006/03/30 09:15:44 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006/03/25 00:30:44 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/01/02 18:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2003/09/10 03:24:00 | 000,020,480 | ---- | M] () -- C:\Program Files\NetWaiting\netwaiting.exe

========== Modules (SafeList) ==========

MOD - [2011/04/15 02:13:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jason\Desktop\OTL.exe
MOD - [2006/08/25 10:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2010/11/25 09:49:46 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/07/15 10:40:19 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2006/08/03 19:50:46 | 000,380,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2006/05/01 10:34:00 | 000,262,217 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel(R)
SRV - [2006/03/30 09:15:44 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)

========== Driver Services (SafeList) ==========

DRV - [2010/07/15 10:40:25 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/15 10:39:00 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/02 14:12:15 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2006/08/25 08:23:08 | 000,044,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/05/24 19:07:18 | 000,328,237 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/05/24 19:05:26 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/05/24 19:04:04 | 000,851,434 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/05/24 19:01:34 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/05/24 19:01:22 | 000,030,285 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006/05/24 19:00:50 | 000,066,488 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/05/24 18:58:18 | 000,148,900 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/05/24 18:57:00 | 000,045,683 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006/05/23 15:06:36 | 001,578,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/05/01 10:52:02 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006/04/27 00:13:04 | 001,429,632 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2006/03/25 00:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/10/14 16:40:18 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/14 16:40:18 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/10/14 16:40:18 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/08/12 18:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/07/22 04:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 04:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 04:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/02/13 17:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.2
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4bf327bc&v=6.103.018.001&i=23&tp=ab&iy=&ychte=us&lng=en-US&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/11/24 19:05:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2011/03/26 14:08:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/30 19:45:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/30 19:45:00 | 000,000,000 | ---D | M]

[2008/11/23 20:18:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jason\Application Data\Mozilla\Extensions
[2011/04/14 18:25:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jason\Application Data\Mozilla\Firefox\Profiles\zgf6szca.default\extensions
[2011/01/23 14:31:48 | 000,000,000 | ---D | M] (Diccionario espaÃ±ol Mexico) -- C:\Documents and Settings\Jason\Application Data\Mozilla\Firefox\Profiles\zgf6szca.default\extensions\[email protected]
[2011/04/14 18:25:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/16 18:29:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/11/24 19:05:41 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG9\FIREFOX
[2011/03/26 14:08:44 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="6.103.018.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG9\TOOLBAR\FIREFOX\AVG@IGEARED
[2010/05/16 18:29:24 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/05/15 21:33:59 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar5.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar5.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar5.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (rootkit-scan)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netwaiting.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O15 - HKCU\..Trusted Domains: discounttire.com ([www] http in Trusted sites)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebook.com/controls/FacebookPhotoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 64.233.207.9 64.233.207.8
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\Jason\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jason\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5fa255e9-92c4-11db-893f-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{5fa255e9-92c4-11db-893f-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5fa255e9-92c4-11db-893f-00038a000015}\Shell\AutoRun\command - "" = F:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/15 11:45:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/15 11:44:36 | 000,882,952 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Jason\Desktop\jl6j5bn4v.exe
[2011/04/15 11:34:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jason\Recent
[2011/04/15 11:31:09 | 007,734,240 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Jason\Desktop\mbam-setup.exe
[2011/04/14 18:30:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jason\Start Menu\Programs\Windows Fix Disk
[2011/03/26 15:41:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jason\Desktop\Nutrition Guide
[2011/03/26 15:41:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jason\Desktop\Fitness Guide
[2006/12/26 20:18:10 | 036,808,256 | ---- | C] (Apple Computer, Inc.) -- C:\Program Files\iTunesSetup.exe
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/16 18:27:26 | 000,504,657 | ---- | M] () -- C:\Documents and Settings\Jason\Desktop\unhide.exe
[2011/04/16 18:23:36 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Jason\Local Settings\Application Data\prvlcl.dat
[2011/04/16 18:20:36 | 001,263,721 | ---- | M] () -- C:\Documents and Settings\Jason\Desktop\tdsskiller.zip
[2011/04/16 18:16:03 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/15 11:59:48 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/15 11:59:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/15 11:59:37 | 1072,103,424 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/15 11:45:37 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Jason\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/04/15 11:45:37 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/15 11:44:37 | 000,882,952 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Jason\Desktop\jl6j5bn4v.exe
[2011/04/15 11:39:27 | 007,734,240 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Jason\Desktop\mbam-setup.exe
[2011/04/15 11:37:07 | 001,006,778 | ---- | M] () -- C:\Documents and Settings\Jason\Desktop\iExplore.exe
[2011/04/15 02:13:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jason\Desktop\OTL.exe
[2011/04/14 18:30:42 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~19455796
[2011/04/14 18:30:41 | 000,000,152 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~19455796r
[2011/04/14 18:30:39 | 000,000,813 | ---- | M] () -- C:\Documents and Settings\Jason\Desktop\Windows Fix Disk.lnk
[2011/04/14 18:30:32 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\19455796
[2011/04/14 18:19:40 | 074,648,406 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011/04/03 22:58:01 | 000,093,696 | ---- | M] () -- C:\Documents and Settings\Jason\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/03 20:48:51 | 000,054,156 | ---- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/04/03 20:48:51 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/16 18:27:26 | 000,504,657 | ---- | C] () -- C:\Documents and Settings\Jason\Desktop\unhide.exe
[2011/04/16 18:21:44 | 001,263,721 | ---- | C] () -- C:\Documents and Settings\Jason\Desktop\tdsskiller.zip
[2011/04/15 11:45:37 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Jason\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/04/15 11:45:37 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/15 11:27:48 | 001,006,778 | ---- | C] () -- C:\Documents and Settings\Jason\Desktop\iExplore.exe
[2011/04/14 18:30:41 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19455796r
[2011/04/14 18:30:41 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19455796
[2011/04/14 18:30:39 | 000,000,813 | ---- | C] () -- C:\Documents and Settings\Jason\Desktop\Windows Fix Disk.lnk
[2011/04/14 18:30:32 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\19455796
[2011/04/03 20:48:51 | 000,054,156 | ---- | C] () -- C:\WINDOWS\QTFont.qfn
[2011/04/03 20:48:51 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010/05/27 11:00:43 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jason\Local Settings\Application Data\prvlcl.dat
[2007/07/07 15:02:54 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\Jason\Application Data\wklnhst.dat
[2007/03/31 16:01:27 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/12/26 23:13:15 | 000,000,249 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2006/12/26 23:13:13 | 004,315,539 | ---- | C] () -- C:\WINDOWS\Bikini 21st Century Amy Fadhli.dat
[2006/12/26 23:13:13 | 000,180,224 | ---- | C] () -- C:\WINDOWS\UninstallWSST.exe
[2006/11/26 13:12:45 | 000,093,696 | ---- | C] () -- C:\Documents and Settings\Jason\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/26 12:19:04 | 000,003,766 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/11/26 12:19:04 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\DAB292675E.sys
[2006/11/12 12:53:44 | 008,506,408 | ---- | C] () -- C:\Program Files\Install_AIM.exe
[2006/11/11 22:37:15 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Jason\Local Settings\Application Data\fusioncache.dat
[2006/11/11 22:06:02 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/11/11 22:00:24 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/11/11 21:51:42 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/11/11 21:50:44 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/11/11 21:48:10 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/11/11 21:46:44 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/11/11 21:42:54 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006/11/08 10:26:28 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\DSRIRREM.EXE
[2006/11/08 10:25:52 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/11/08 10:25:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/11/08 10:25:28 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/11/08 10:24:52 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/08/23 04:33:46 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2006/05/24 19:16:22 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006/02/25 06:12:34 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/02/25 06:09:38 | 000,774,144 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/08/16 05:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 05:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 05:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 05:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 05:27:59 | 000,266,208 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 05:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/16 05:18:33 | 000,382,260 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 05:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/16 05:18:33 | 000,053,838 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 05:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/16 05:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/16 05:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/16 05:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/16 05:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/16 05:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/16 05:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/08/16 05:18:08 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2005/08/05 15:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/18 11:02:58 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe
[2002/11/15 08:11:28 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2002/10/06 14:42:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002/10/04 19:04:26 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002/10/04 19:04:26 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\VORBIS.DLL
[2002/10/04 19:04:18 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\OGG.DLL
[2001/11/14 14:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

< End of report >

mengskx · « **Reply #9 on:** April 16, 2011, 06:39:01 PM »

OTL Extras logfile created on: 4/16/2011 6:31:57 PM - Run 6
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Jason\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 394.00 Mb Available Physical Memory | 39.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 79.18 Gb Total Space | 55.13 Gb Free Space | 69.63% Space Free | Partition Type: NTFS
Drive D: | 26.42 Gb Total Space | 1.91 Gb Free Space | 7.24% Space Free | Partition Type: NTFS

Computer Name: D70YBRB1 | User Name: Jason | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Management Programs
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{446DBFFA-4088-48E3-8932-74316BA4CAE4}" = iTunes
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50D8FFDD-90CD-4859-841F-AA1961C7767A}" = QuickTime
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.7
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}" = EarthLink setup files
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A9B8148-DDD7-448F-BD6C-358386D32354}" = Corel Photo Album 6
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A02ED372-22FA-448B-AB6A-1B0FC23B7D08}" = ATI Catalyst Control Center
"{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F26615EF-AF0A-486C-99C9-B65C8C401EBC}" = EuroTalk Talk Now!
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AOL Instant Messenger" = AOL Instant Messenger
"ATI Display Driver" = ATI Display Driver
"AVG9Uninstall" = AVG Free 9.0
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"CSCLIB" = Canon Camera Support Core Library
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"EOS Utility" = Canon Utilities EOS Utility
"ESPNMotion" = ESPNMotion
"Google Desktop" = Google Desktop
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Jenna Jameson Nude (WinNT40)" = Jenna Jameson Nude (WinNT40) Screen Saver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa2" = Picasa 2
"ProInst" = Intel(R) PROSet/Wireless Software
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 6.0" = RealPlayer
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"SearchAssist" = SearchAssist
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Theorica Divx ;-) Codecs" = Theorica Divx ;-) Codecs (remove only)
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/15/2010 10:59:56 PM | Computer Name = D70YBRB1 | Source = Application Hang | ID = 1002
Description = Hanging application CameraLauncherMC.exe, version 2.3.0.4, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/20/2010 11:42:00 PM | Computer Name = D70YBRB1 | Source = Application Hang | ID = 1002
Description = Hanging application VirtualDub.exe, version 1.7.8.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 12/29/2010 1:43:48 PM | Computer Name = D70YBRB1 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 12/29/2010 1:43:48 PM | Computer Name = D70YBRB1 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 1/17/2011 9:09:56 PM | Computer Name = D70YBRB1 | Source = Application Hang | ID = 1002
Description = Hanging application ZoomBrowser.exe, version 5.8.0.74, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/15/2011 11:43:58 PM | Computer Name = D70YBRB1 | Source = Application Hang | ID = 1002
Description = Hanging application ZoomBrowser.exe, version 5.8.0.74, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/16/2011 12:05:57 AM | Computer Name = D70YBRB1 | Source = Application Hang | ID = 1002
Description = Hanging application realplay.exe, version 6.0.12.1741, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/20/2011 3:27:39 PM | Computer Name = D70YBRB1 | Source = Application Hang | ID = 1002
Description = Hanging application ZoomBrowser.exe, version 5.8.0.74, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/3/2011 9:49:19 PM | Computer Name = D70YBRB1 | Source = Application Error | ID = 1000
Description = Faulting application itunes.exe, version 7.0.2.16, faulting module
quicktime.qts, version 7.1.3.170, fault address 0x0006f183.

Error - 4/3/2011 11:35:34 PM | Computer Name = D70YBRB1 | Source = Application Hang | ID = 1002
Description = Hanging application ZoomBrowser.exe, version 5.8.0.74, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 4/6/2011 11:40:21 AM | Computer Name = D70YBRB1 | Source = ipnathlp | ID = 32003
Description = The Network Address Translator (NAT) was unable to request an operation
of
the kernel-mode translation module. This may indicate misconfiguration, insufficient
resources, or an internal error. The data is the error code.

Error - 4/9/2011 1:12:28 AM | Computer Name = D70YBRB1 | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.104 on
the Network Card with network address 0018DE1F7507.

Error - 4/9/2011 1:12:46 AM | Computer Name = D70YBRB1 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the avg9wd service.

Error - 4/10/2011 10:42:29 AM | Computer Name = D70YBRB1 | Source = ipnathlp | ID = 32003
Description = The Network Address Translator (NAT) was unable to request an operation
of
the kernel-mode translation module. This may indicate misconfiguration, insufficient
resources, or an internal error. The data is the error code.

Error - 4/10/2011 6:38:08 PM | Computer Name = D70YBRB1 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Netman service.

Error - 4/11/2011 8:48:58 PM | Computer Name = D70YBRB1 | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.104 on
the Network Card with network address 0018DE1F7507.

Error - 4/12/2011 9:57:54 AM | Computer Name = D70YBRB1 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Netman service.

Error - 4/12/2011 6:00:24 PM | Computer Name = D70YBRB1 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Netman service.

Error - 4/14/2011 7:15:05 PM | Computer Name = D70YBRB1 | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.104 on
the Network Card with network address 0018DE1F7507.

Error - 4/14/2011 7:15:19 PM | Computer Name = D70YBRB1 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Netman service.

< End of report >

guestolo · « **Reply #10 on:** April 16, 2011, 06:51:41 PM »

Double click on OTL.exe and Run it

Under the [color="#0000FF"]Custom Scans/Fixes[/color] box at the bottom, copy/paste in the following in the quote box below. don't include the word Quote please
Quote
:OTL
[2011/04/16 18:27:26 | 000,504,657 | ---- | M] () -- C:\Documents and Settings\Jason\Desktop\unhide.exe
[2011/04/16 18:20:36 | 001,263,721 | ---- | M] () -- C:\Documents and Settings\Jason\Desktop\tdsskiller.zip
[2011/04/15 11:39:27 | 007,734,240 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Jason\Desktop\mbam-setup.exe
[2011/04/15 11:37:07 | 001,006,778 | ---- | M] () -- C:\Documents and Settings\Jason\Desktop\iExplore.exe
[2011/04/14 18:30:42 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~19455796
[2011/04/14 18:30:41 | 000,000,152 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~19455796r
[2011/04/14 18:30:39 | 000,000,813 | ---- | M] () -- C:\Documents and Settings\Jason\Desktop\Windows Fix Disk.lnk
[2011/04/14 18:30:32 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\19455796
:Reg
:Files
ipconfig /flushdns /c
:Commands
[EmptyTemp]
[EmptyFlash]
[Reboot]
Then click the [color="#FF0000"]Run Fix[/color] button at the top
Let the program run unhindered, reboot the PC when it is done

On startup, Allow OTL to run if prompted
A log should open, can you post it please
A copy of this log can also be found in
C:\_OTL\Moved Files folder

Also, as mentioned earlier, can you now let me know how things are running

mengskx · « **Reply #11 on:** April 17, 2011, 02:34:08 AM »

The computer seems to be running clean, maybe this could have been prevented with a more current AVG? Hes really happy to get files back.

All processes killed
========== OTL ==========
C:\Documents and Settings\Jason\Desktop\unhide.exe moved successfully.
C:\Documents and Settings\Jason\Desktop\tdsskiller.zip moved successfully.
File C:\Documents and Settings\Jason\Desktop\mbam-setup.exe not found.
C:\Documents and Settings\Jason\Desktop\iExplore.exe moved successfully.
C:\Documents and Settings\All Users\Application Data\~19455796 moved successfully.
C:\Documents and Settings\All Users\Application Data\~19455796r moved successfully.
C:\Documents and Settings\Jason\Desktop\Windows Fix Disk.lnk moved successfully.
C:\Documents and Settings\All Users\Application Data\19455796 moved successfully.
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Jason\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Jason\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jason
->Temp folder emptied: 233577271 bytes
->Temporary Internet Files folder emptied: 36869642 bytes
->Java cache emptied: 1641713 bytes
->FireFox cache emptied: 106006326 bytes
->Flash cache emptied: 65956 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 709456 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 45645998 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 1586351131 bytes

Total Files Cleaned = 1,918.00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: Jason
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.22.3 log created on 04172011_022508

Files\Folders moved on Reboot...
C:\Documents and Settings\Jason\Local Settings\Temporary Internet Files\Content.IE5\VMZCB0SZ\index[7].htm moved successfully.
C:\Documents and Settings\Jason\Local Settings\Temporary Internet Files\AntiPhishing\A0AB7674-8D67-4F4D-B5E1-96FAEADFB79D.dat moved successfully.

Registry entries deleted on Reboot...

guestolo · « **Reply #12 on:** April 17, 2011, 10:33:39 AM »

Quote

maybe this could have been prevented with a more current AVG

I was going to suggest updating his version, but you should also do the following
Let's ensure that some of you software get's updated to plug security holes

Open up your copy of Adobe Reader, click on HELP>>Check for Updates
Download and install any update found
Keep rechecking for updates till you have them all

To make sure you have the latest version of Adobe Flash Player installed:
1. To uninstall an older version, download this file to your Desktop: uninstall_flash_player.exe
2. Quit ALL running applications, including all Internet Explorer or other browser windows, and messenger applications (like AOL Instant Messenger, Yahoo Messenger, MSN Messenger).
3. Double-click on the file you've downloaded to uninstall Flash.
Delete the uninstaller
we'll update it in a bit

Keep all browser windows closed
Access your Add/Remove Programs and uninstall older version of Java
Remove Java™ 6 Update 20

Restart the computer afterwards
Back in Windows
Let's update Adobe Flash
Go to the following link
http://get.adobe.com/flashplayer/otherversions/

Choose operating system and version
Note: Do this procedure twice and get both
"Flash player for IE" then "Flash player for other browsers"
Save the installers to desktop
Close browser windows, then install both
install_flash_player_ax.exe and install_flash_player.exe

Let's now update Sun Java

Download the latest version of Java Runtime Environment (JRE) .
Scroll down to where it says "Java SE 6 Update 24".
Click the "Download JRE" button to the right.
In the Window that opens, select Windows,>>Check the "agree" box and click Continue.
Click on the link to download Windows Offline Installation and save to your desktop.
Then from your desktop double-click on jre-6u24-windows-i586.exe that you downloaded to install the newest version.

NOTE: Java installs a Quick starter service that is not really required, you can disable this after every update by the following:
Open Windows Control Panel and open the Java icon
Click on 'Advanced' >>Expand (+) on Miscellaneous
Untick "Java Quick Starter"
Apply and OK out of there

Restart the computer to set.
Back in Windows, I would definitely update AVG
My preference is to Uninstall all the older version
Restart the computer then install the newest version, your option, as you can simply install over the top of the old one
Here's a link to the newest version
http://download.cnet.com/AVG-Anti-Virus-Free-Edition-2011/3000-2239_4-10320142.html?part=dl-10044820&subj=dl&tag=button&cdlPid=11014801

Do the above, then can you come back one last time
Open OTL.exe and click on Quick Scan, post the log that opens

Additionally, can you let me know why he hasn't updated to Service pack 3 yet?
It installs needed security patches
Don't install yet, but can you let me know what processor he has
Right click on MyComputer and select Properties, under the Computer section on the General tab
Is the machine running on an Intel based processor or AMD Athlon?

mengskx · « **Reply #13 on:** April 18, 2011, 12:06:52 AM »

OTL logfile created on: 4/18/2011 12:01:02 AM - Run 7
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Jason\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 453.00 Mb Available Physical Memory | 44.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 79.18 Gb Total Space | 56.51 Gb Free Space | 71.37% Space Free | Partition Type: NTFS
Drive D: | 26.42 Gb Total Space | 1.91 Gb Free Space | 7.24% Space Free | Partition Type: NTFS

Computer Name: D70YBRB1 | User Name: Jason | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/15 02:13:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jason\Desktop\OTL.exe
PRC - [2011/02/17 06:21:58 | 002,190,688 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/02/15 05:38:06 | 007,421,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/02/11 06:25:52 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/02/08 05:32:48 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/02/08 05:32:46 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/12/21 20:17:44 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2006/11/11 21:54:59 | 000,555,008 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
PRC - [2006/11/11 21:54:59 | 000,415,744 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
PRC - [2006/08/03 19:51:42 | 001,032,192 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/08/03 19:50:46 | 000,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/05/24 19:28:28 | 000,622,653 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/05/01 10:34:00 | 000,262,217 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2006/05/01 10:28:26 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2006/05/01 10:28:06 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2006/05/01 10:26:14 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2006/03/30 09:15:44 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006/03/25 00:30:44 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/01/02 18:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2003/09/10 03:24:00 | 000,020,480 | ---- | M] () -- C:\Program Files\NetWaiting\netwaiting.exe

========== Modules (SafeList) ==========

MOD - [2011/04/15 02:13:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jason\Desktop\OTL.exe
MOD - [2006/08/25 10:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/03/18 08:11:02 | 000,947,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/02/15 05:38:06 | 007,421,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2006/08/03 19:50:46 | 000,380,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2006/05/01 10:34:00 | 000,262,217 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel(R)
SRV - [2006/03/30 09:15:44 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)

========== Driver Services (SafeList) ==========

DRV - [2011/03/30 17:17:22 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:54:00 | 000,296,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/19 04:32:56 | 000,032,464 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2006/08/25 08:23:08 | 000,044,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/05/24 19:07:18 | 000,328,237 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/05/24 19:05:26 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/05/24 19:04:04 | 000,851,434 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/05/24 19:01:34 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/05/24 19:01:22 | 000,030,285 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006/05/24 19:00:50 | 000,066,488 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/05/24 18:58:18 | 000,148,900 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/05/24 18:57:00 | 000,045,683 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006/05/23 15:06:36 | 001,578,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/05/01 10:52:02 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006/04/27 00:13:04 | 001,429,632 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2006/03/25 00:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/10/14 16:40:18 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/14 16:40:18 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/10/14 16:40:18 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/08/12 18:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/07/22 04:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 04:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 04:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/02/13 17:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.2
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4bf327bc&v=6.103.018.001&i=23&tp=ab&iy=&ychte=us&lng=en-US&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/04/17 23:56:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011/04/17 23:57:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/30 19:45:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/17 23:33:13 | 000,000,000 | ---D | M]

[2008/11/23 20:18:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jason\Application Data\Mozilla\Extensions
[2011/04/17 10:44:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jason\Application Data\Mozilla\Firefox\Profiles\zgf6szca.default\extensions
[2011/01/23 14:31:48 | 000,000,000 | ---D | M] (Diccionario espaÃ±ol Mexico) -- C:\Documents and Settings\Jason\Application Data\Mozilla\Firefox\Profiles\zgf6szca.default\extensions\[email protected]
[2011/04/17 23:40:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/17 23:40:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\AVG\AVG9\FIREFOX
File not found (No name found) -- C:\PROGRAM FILES\AVG\AVG9\TOOLBAR\FIREFOX\AVG@IGEARED
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/04/17 23:40:26 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/05/15 21:33:59 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar5.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar5.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar5.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (rootkit-scan)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netwaiting.exe ()
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O15 - HKCU\..Trusted Domains: discounttire.com ([www] http in Trusted sites)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebook.com/controls/FacebookPhotoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 64.233.207.9 64.233.207.8
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Jason\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jason\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5fa255e9-92c4-11db-893f-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{5fa255e9-92c4-11db-893f-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5fa255e9-92c4-11db-893f-00038a000015}\Shell\AutoRun\command - "" = F:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/17 23:58:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jason\Application Data\AVG10
[2011/04/17 23:57:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/04/17 23:56:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2011
[2011/04/17 23:56:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/04/17 23:55:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/04/17 23:55:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/04/17 23:50:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/04/17 23:50:37 | 005,497,592 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Jason\Desktop\avg_free_stb_all_2011_1321_cnet.exe
[2011/04/17 23:40:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/04/17 23:20:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/04/17 23:20:18 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/04/15 11:45:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/15 11:34:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jason\Recent
[2011/04/14 18:30:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jason\Start Menu\Programs\Windows Fix Disk
[2011/03/30 17:17:22 | 000,134,480 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\System32\drivers\AVGIDSDriver.sys
[2011/03/26 15:41:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jason\Desktop\Nutrition Guide
[2011/03/26 15:41:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jason\Desktop\Fitness Guide
[2006/12/26 20:18:10 | 036,808,256 | ---- | C] (Apple Computer, Inc.) -- C:\Program Files\iTunesSetup.exe

========== Files - Modified Within 30 Days ==========

[2011/04/18 00:00:17 | 112,675,935 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/04/17 23:56:52 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/04/17 23:50:42 | 005,497,592 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Jason\Desktop\avg_free_stb_all_2011_1321_cnet.exe
[2011/04/17 23:48:11 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/17 23:48:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/17 23:47:59 | 1072,103,424 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/17 23:23:30 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Jason\Local Settings\Application Data\prvlcl.dat
[2011/04/17 23:21:45 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/04/17 23:16:01 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/17 14:52:24 | 000,096,256 | ---- | M] () -- C:\Documents and Settings\Jason\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/15 11:45:37 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Jason\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/04/15 11:45:37 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/15 02:13:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jason\Desktop\OTL.exe
[2011/04/03 20:48:51 | 000,054,156 | ---- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/04/03 20:48:51 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2011/03/30 17:17:22 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\System32\drivers\AVGIDSDriver.sys

========== Files Created - No Company Name ==========

[2011/04/18 00:00:17 | 112,675,935 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/04/17 23:56:52 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/04/17 23:20:45 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/04/17 23:20:44 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2011/04/15 11:45:37 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Jason\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/04/15 11:45:37 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/03 20:48:51 | 000,054,156 | ---- | C] () -- C:\WINDOWS\QTFont.qfn
[2011/04/03 20:48:51 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010/05/27 11:00:43 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jason\Local Settings\Application Data\prvlcl.dat
[2007/07/07 15:02:54 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\Jason\Application Data\wklnhst.dat
[2007/03/31 16:01:27 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/12/26 23:13:15 | 000,000,249 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2006/12/26 23:13:13 | 004,315,539 | ---- | C] () -- C:\WINDOWS\Bikini 21st Century Amy Fadhli.dat
[2006/12/26 23:13:13 | 000,180,224 | ---- | C] () -- C:\WINDOWS\UninstallWSST.exe
[2006/11/26 13:12:45 | 000,096,256 | ---- | C] () -- C:\Documents and Settings\Jason\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/26 12:19:04 | 000,003,766 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/11/26 12:19:04 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\DAB292675E.sys
[2006/11/12 12:53:44 | 008,506,408 | ---- | C] () -- C:\Program Files\Install_AIM.exe
[2006/11/11 22:37:15 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Jason\Local Settings\Application Data\fusioncache.dat
[2006/11/11 22:06:02 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/11/11 22:00:24 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/11/11 21:51:42 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/11/11 21:50:44 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/11/11 21:48:10 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/11/11 21:46:44 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/11/11 21:42:54 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006/11/08 10:26:28 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\DSRIRREM.EXE
[2006/11/08 10:25:52 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/11/08 10:25:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/11/08 10:25:28 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/11/08 10:24:52 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/08/23 04:33:46 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2006/05/24 19:16:22 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006/02/25 06:12:34 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/02/25 06:09:38 | 000,774,144 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/08/16 05:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 05:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 05:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 05:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 05:27:59 | 000,266,208 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 05:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/16 05:18:33 | 000,382,260 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 05:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/16 05:18:33 | 000,053,838 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 05:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/16 05:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/16 05:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/16 05:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/16 05:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/16 05:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/16 05:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/08/16 05:18:08 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2005/08/05 15:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/18 11:02:58 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe
[2002/11/15 08:11:28 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2002/10/06 14:42:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002/10/04 19:04:26 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002/10/04 19:04:26 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\VORBIS.DLL
[2002/10/04 19:04:18 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\OGG.DLL
[2001/11/14 14:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2011/04/17 23:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/04/17 23:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/04/17 23:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/03/14 20:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2005/08/16 21:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2011/04/17 23:58:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2007/07/27 19:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Otto
[2010/05/16 18:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/11/12 12:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jason\Application Data\Aim
[2011/04/17 23:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jason\Application Data\AVG10
[2010/12/28 14:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jason\Application Data\EuroTalk
[2010/06/06 16:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jason\Application Data\Facebook
[2007/03/31 16:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jason\Application Data\MSNInstaller
[2007/07/27 19:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jason\Application Data\Otto
[2007/07/07 15:02:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jason\Application Data\Template
[2007/01/16 21:10:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jason\Application Data\Viewpoint

========== Purity Check ==========

< End of report >

mengskx · « **Reply #14 on:** April 18, 2011, 12:12:42 AM »

Intel(R)Core(TM)2 CPU
Dont think hes aware of the service pack upgrade. Is this something Windows prompted him to do and he ignored? Never done one myself.

guestolo · « **Reply #15 on:** April 18, 2011, 07:21:50 PM »

You can visit Windows Updates from the following link using Internet Explorer
http://windowsupdate.microsoft.com/
ONLY install the High Priority updates
Or better yet, if you have a fast Internet connection
Download and save to desktop Service pack 3 from the following location>>>> http://www.microsoft.com/downloads/en/details.aspx?FamilyID=5b33b5a8-5e76-401f-be08-1e1555d4f3d4&displaylang=en
After you have it saved to desktop

Temporarily disable AVG's protection, so as they won't interfere with the installation
1. open AVG User Interface
2. double-click on the Resident Shield
3. un-tick the option "Resident Shield active"
4. save the changes
Then go ahead and install SP3
After the computer has been rebooted, Use Internet Explorer and visit Windows Updates and ensure you have all latest "High Priority"
Updates
After you have that done, reenable Resident Shield in AVG

Let me know how that goes

mengskx · « **Reply #16 on:** April 21, 2011, 01:41:20 AM »

I think I'm going to back up the files on his computer first just to be really safe. As of now everything has been running quite good, hopefully safe til I get my external hard drive. Thank you for the help.

guestolo · « **Reply #17 on:** May 24, 2011, 02:16:12 PM »

I'll lock this topic as your problems are resolved

TheTechGuide Forum

News:

Author Topic: Hardrive error missing all files (Read 1773 times)

mengskx

Hardrive error missing all files

guestolo

Hardrive error missing all files

mengskx

Hardrive error missing all files

mengskx

Hardrive error missing all files

guestolo

Hardrive error missing all files

mengskx

Hardrive error missing all files

guestolo

Hardrive error missing all files

mengskx

Hardrive error missing all files

mengskx

Hardrive error missing all files

mengskx

Hardrive error missing all files

guestolo

Hardrive error missing all files

mengskx

Hardrive error missing all files

guestolo

Hardrive error missing all files

mengskx

Hardrive error missing all files

mengskx

Hardrive error missing all files

guestolo

Hardrive error missing all files

mengskx

Hardrive error missing all files

guestolo

Hardrive error missing all files