"Unable to connect" to certain web pages after removing Back


  • This topic is locked

#1
ChelseaDG

From the information I've gathered, my "unable to connect" problem is because of viruses that were deleted from my computer. I did a scan again with Dr. Web CureIt, and found 2 more backdoor trojans and deleted them. The problem was resolved for about a week and started happening again, but with no obvious infections this time. I have run Dr. Web CureIt in safe mode with SUPERAntiSpyware and Malwarebytes and nothing showed up. I was lucky to be able to get onto this site for help. I looked up ComboFix and I cannot find a version for Windows 7, so I am running an AVZ4 scan. What else should I do? This problem has been very persistent and I've stayed up late many nights trying to figure it out, and getting nowhere. Please help.


~*Chelsea*~

#2
ChelseaDG

My AVZ logs are attached.
Here is the OTL log:
OTL logfile created on: 4/29/2010 11:40:37 PM - Run 1
OTL by OldTimer - Version 3.2.3.1 Folder = C:\Users\Chelsea\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 61.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.76 Gb Total Space | 301.35 Gb Free Space | 66.27% Space Free | Partition Type: NTFS
Drive D: | 10.90 Gb Total Space | 2.02 Gb Free Space | 18.56% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 74.51 Gb Total Space | 4.90 Gb Free Space | 6.58% Space Free | Partition Type: FAT32

Computer Name: CHELSEA-PC
Current User Name: Chelsea
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/04/29 23:39:28 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Chelsea\Downloads\OTL.exe
PRC - [2010/04/29 13:05:11 | 000,321,328 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2010/04/21 15:53:12 | 002,064,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
PRC - [2010/03/19 09:43:11 | 004,227,072 | ---- | M] () -- C:\Program Files (x86)\CleverTune Software\Driver Updater Pro\DriverUpdaterPro.exe
PRC - [2010/03/12 09:17:24 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
PRC - [2010/03/12 09:17:06 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe
PRC - [2010/03/12 09:17:06 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
PRC - [2010/02/18 16:40:26 | 002,012,912 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/02/02 17:31:56 | 000,279,296 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe
PRC - [2010/01/27 11:37:22 | 000,091,392 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2009/12/15 11:24:48 | 000,293,376 | ---- | M] () -- C:\Users\Chelsea\Desktop\gmer.exe.exe
PRC - [2009/10/10 14:07:08 | 000,320,832 | ---- | M] (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2009/05/21 19:58:14 | 000,413,496 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe
PRC - [2009/02/23 06:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/11/20 10:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2006/10/26 13:34:04 | 000,065,536 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Playskool\MADE FOR ME Software\HbDetect.exe
PRC - [2002/02/14 14:53:12 | 000,032,768 | ---- | M] (Hewlett-Packard) -- C:\sj655\hpupdate.exe
PRC - [1999/12/13 09:01:00 | 000,044,032 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTSVCCDA.exe


========== Modules (SafeList) ==========

MOD - [2010/04/29 23:39:28 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Chelsea\Downloads\OTL.exe
MOD - [2009/07/13 18:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009/07/13 18:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/04/08 08:02:22 | 001,255,736 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV:64bit: - [2010/01/07 15:24:16 | 000,470,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2010/01/07 15:24:06 | 007,700,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2009/07/13 18:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2009/07/13 18:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2009/07/13 18:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2009/07/13 18:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2009/07/13 18:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:64bit: - [2009/07/13 18:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2009/07/13 18:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2009/07/13 18:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2009/07/13 18:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2009/07/13 18:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2009/07/13 18:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2009/07/13 18:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/07/13 18:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2009/07/13 18:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2009/07/13 18:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2009/07/13 18:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2009/07/13 18:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2009/07/13 18:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2009/07/13 18:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2009/07/13 18:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2009/07/13 18:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:64bit: - [2009/03/27 11:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2010/04/07 16:21:30 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/12 09:17:24 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/03/12 09:17:06 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/01/27 11:37:22 | 000,091,392 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2009/07/13 20:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)
SRV - [2009/07/13 20:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2009/07/13 18:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 18:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 13:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2009/06/10 13:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [1999/12/13 09:01:00 | 000,044,032 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Windows\SysWOW64\CTSVCCDA.exe -- (Creative Service for CDROM Access)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/04/21 15:53:08 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (AvgTdiA)
DRV:64bit: - [2010/03/12 09:17:26 | 000,035,464 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64)
DRV:64bit: - [2010/03/12 09:17:06 | 000,269,320 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64)
DRV:64bit: - [2010/02/24 07:06:20 | 000,726,816 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/12/11 03:29:27 | 000,153,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2009/10/27 12:10:18 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2009/09/28 02:02:38 | 000,019,544 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV:64bit: - [2009/07/13 18:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 18:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2009/07/13 18:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009/07/13 18:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2009/07/13 18:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2009/07/13 18:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009/07/13 18:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:64bit: - [2009/07/13 18:43:13 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2009/07/13 17:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009/07/13 17:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009/07/13 17:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:64bit: - [2009/07/13 17:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009/07/13 17:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009/07/13 17:07:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifimp.sys -- (vwifimp)
DRV:64bit: - [2009/07/13 17:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)
DRV:64bit: - [2009/07/13 17:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009/07/13 17:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2009/07/13 17:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2009/07/13 17:06:28 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winusb.sys -- (WinUsb)
DRV:64bit: - [2009/07/13 17:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009/07/13 17:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2009/07/13 17:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009/07/13 17:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2009/07/13 17:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2009/07/13 16:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2009/07/13 16:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2009/07/13 16:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:64bit: - [2009/07/13 16:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:64bit: - [2009/07/13 16:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009/07/13 16:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2009/07/13 16:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009/07/09 03:38:42 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/19 17:07:44 | 000,020,992 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/19 09:19:38 | 000,339,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/08 11:56:26 | 000,053,632 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motodrv.sys -- (MotDev)
DRV:64bit: - [2009/01/29 17:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2007/04/03 13:59:28 | 000,130,312 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s616unic.sys -- (s616unic) Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (WDM)
DRV:64bit: - [2007/04/03 13:59:26 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s616obex.sys -- (s616obex)
DRV:64bit: - [2007/04/03 13:59:26 | 000,031,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s616nd5.sys -- (s616nd5) Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (NDIS)
DRV:64bit: - [2007/04/03 13:59:24 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s616mgmt.sys -- (s616mgmt) Sony Ericsson Device 616 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2007/04/03 13:59:22 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s616mdm.sys -- (s616mdm)
DRV:64bit: - [2007/04/03 13:59:22 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s616mdfl.sys -- (s616mdfl)
DRV:64bit: - [2007/04/03 13:59:20 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s616bus.sys -- (s616bus) Sony Ericsson Device 616 driver (WDM)
DRV - [2010/02/17 10:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 10:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 10:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 18:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\winusb.dll -- (WinUsb)
DRV - [2009/07/13 18:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
DRV - [2009/06/10 14:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2009/06/10 14:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...rio&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...rio&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...rio&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...rio&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\URLSearchHook: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files (x86)\PHPNukeEN\tbPHPN.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://ie.redirect.h...a...rio&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://m.www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.812
FF - prefs.js..extensions.enabledItems: [email protected]:3.6.20100218
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.8
FF - prefs.js..extensions.enabledItems: {51ef49d2-624b-4194-8b97-1c468e9b0efe}:1.300.306
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..keyword.URL: "https://www.mypoints...&fctb.dns=1&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2010/04/21 23:00:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared [2009/12/27 04:12:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/17 22:30:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/04/02 13:06:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/04/02 13:06:48 | 000,000,000 | ---D | M]

[2009/10/24 18:03:09 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\Mozilla\Extensions
[2010/04/29 13:16:01 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\Mozilla\Firefox\Profiles\8gjt7xd5.default\extensions
[2010/01/29 01:02:46 | 000,000,000 | ---D | M] (Causes) -- C:\Users\Chelsea\AppData\Roaming\Mozilla\Firefox\Profiles\8gjt7xd5.default\extensions\{336dc353-5272-420c-84e7-ba1f3c9c2aeb}
[2010/03/23 15:40:58 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Chelsea\AppData\Roaming\Mozilla\Firefox\Profiles\8gjt7xd5.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010/03/29 07:07:46 | 000,000,000 | ---D | M] (MyPoints Point Finder) -- C:\Users\Chelsea\AppData\Roaming\Mozilla\Firefox\Profiles\8gjt7xd5.default\extensions\{51ef49d2-624b-4194-8b97-1c468e9b0efe}
[2010/04/18 04:00:08 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Chelsea\AppData\Roaming\Mozilla\Firefox\Profiles\8gjt7xd5.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/01/08 22:03:35 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Chelsea\AppData\Roaming\Mozilla\Firefox\Profiles\8gjt7xd5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/11/11 13:58:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chelsea\AppData\Roaming\Mozilla\Firefox\Profiles\8gjt7xd5.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010/03/23 15:40:58 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\Mozilla\Firefox\Profiles\8gjt7xd5.default\extensions\[email protected]
[2010/02/02 23:02:02 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\Mozilla\Firefox\Profiles\8gjt7xd5.default\extensions\[email protected]
[2009/10/30 00:40:29 | 000,000,687 | ---- | M] () -- C:\Users\Chelsea\AppData\Roaming\Mozilla\Firefox\Profiles\8gjt7xd5.default\searchplugins\ask.xml
[2009/11/01 16:31:45 | 000,002,179 | ---- | M] () -- C:\Users\Chelsea\AppData\Roaming\Mozilla\Firefox\Profiles\8gjt7xd5.default\searchplugins\inbox-search.xml
[2010/03/29 07:08:04 | 000,004,772 | ---- | M] () -- C:\Users\Chelsea\AppData\Roaming\Mozilla\Firefox\Profiles\8gjt7xd5.default\searchplugins\web-search.xml
[2010/04/21 18:10:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2009/09/21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\hp\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Freecause Toolbar BHO) - {614BDA1F-9BEF-4CD1-BDE4-FA4804929B4A} - C:\Program Files (x86)\MyPoints Point Finder\Toolbar.dll ()
O2 - BHO: (PHPNukeEN Toolbar) - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files (x86)\PHPNukeEN\tbPHPN.dll (Conduit Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\hp\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (MyPoints Point Finder) - {89A2510A-B4B6-4683-BEC9-1B96700BC7F1} - C:\Program Files (x86)\MyPoints Point Finder\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (PHPNukeEN Toolbar) - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files (x86)\PHPNukeEN\tbPHPN.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (MyPoints Point Finder) - {89A2510A-B4B6-4683-BEC9-1B96700BC7F1} - C:\Program Files (x86)\MyPoints Point Finder\Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (PHPNukeEN Toolbar) - {DD02A4EB-4AFD-4D60-99D8-E67F964CA813} - C:\Program Files (x86)\PHPNukeEN\tbPHPN.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Update 4200C] C:\sj655\hpupdate.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [DriverUpdaterPro] C:\Program Files (x86)\CleverTune Software\Driver Updater Pro\DriverUpdaterPro.exe ()
O4 - HKCU..\Run: [HbDetect.exe] C:\Program Files (x86)\Playskool\MADE FOR ME Software\HbDetect.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [iLike] C:\Program Files (x86)\iLike\1.2.16\ilikesidebar.exe (iLike)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
O4 - HKCU..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe (Phoenix Labs)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\hp\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1b675848-2158-11df-82e7-002618a40665}\Shell - "" = AutoRun
O33 - MountPoints2\{1b675848-2158-11df-82e7-002618a40665}\Shell\AutoRun\command - "" = F:\VVD.exe -- File not found
O33 - MountPoints2\{92a1fb84-d886-11de-b991-002618a40665}\Shell - "" = AutoRun
O33 - MountPoints2\{92a1fb84-d886-11de-b991-002618a40665}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\VVD.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2009/07/13 20:20:14 | 000,000,000 | ---D | M]
NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)
NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)
NetSvcs:64bit: Themes - C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
NetSvcs:64bit: BDESVC - C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
NetSvcs: Ias - C:\Windows\SysWOW64\ias.dll (Microsoft Corporation)
NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 90 Days ==========

[2010/04/29 23:25:42 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/04/29 23:25:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010/04/29 13:17:45 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\AppData\Roaming\WinPatrol
[2010/04/29 13:17:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BillP Studios
[2010/04/29 01:26:48 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\Desktop\avz4
[2010/04/29 01:24:45 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/04/28 12:30:02 | 000,000,000 | R--D | C] -- C:\Users\Chelsea\Podcasts
[2010/04/25 21:03:24 | 000,000,000 | ---D | C] -- C:\Program Files\Zune
[2010/04/25 21:01:58 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\Desktop\x86
[2010/04/25 21:01:54 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\Desktop\x64
[2010/04/25 03:36:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Motorola Shared
[2010/04/25 03:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Driver Whiz
[2010/04/25 03:16:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Whiz
[2010/04/25 03:08:19 | 000,000,000 | ---D | C] -- C:\Windows\Application Data
[2010/04/25 02:18:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap
[2010/04/25 02:18:36 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Inc
[2010/04/25 02:18:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2010/04/25 02:18:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motorola
[2010/04/25 00:37:13 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\AppData\Local\BVRP Software
[2010/04/25 00:36:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LiveUpdate
[2010/04/25 00:35:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mobile PhoneTools
[2010/04/25 00:35:48 | 000,000,000 | ---D | C] -- C:\ProgramData\BVRP Software
[2010/04/18 04:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2010/04/17 21:44:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010/04/17 21:42:51 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2010/04/17 21:39:11 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\AppData\Roaming\HP
[2010/04/17 21:38:22 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\AppData\Local\HP
[2010/04/17 21:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2010/04/17 21:34:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2010/04/17 21:33:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2010/04/17 21:32:32 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2010/04/17 21:28:34 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2010/04/17 21:27:04 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2010/04/16 15:01:43 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\AppData\Roaming\iWin
[2010/04/14 14:54:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PHPNukeEN
[2010/04/14 14:54:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010/04/14 12:17:22 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\CD95F661A5C444F5A6AAECDD91C240BA.TMP
[2010/04/14 12:07:34 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\AppData\Roaming\Uniblue
[2010/04/14 12:07:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2010/04/08 08:02:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010/04/08 08:02:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010/04/06 08:01:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010/04/06 00:05:45 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\AppData\Roaming\iLike
[2010/04/06 00:05:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iLike
[2010/04/05 22:20:44 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2010/04/05 22:20:36 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\AppData\Roaming\Nero
[2010/04/05 22:18:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010/04/05 22:18:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2010/04/05 21:06:19 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\AppData\Local\Xilisoft
[2010/04/05 21:06:17 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\AppData\Roaming\Xilisoft
[2010/04/05 21:04:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xilisoft
[2010/04/05 20:09:59 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\AppData\Roaming\Malwarebytes
[2010/04/05 20:09:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/04/05 20:09:50 | 000,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/04/05 20:09:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/04/05 20:09:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/04/05 19:59:14 | 004,045,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Chelsea\Documents\mbam-setup.exe
[2010/04/05 18:09:29 | 000,000,000 | ---D | C] -- C:\my dvd
[2010/04/05 18:06:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Easy DVD Creator
[2010/04/05 15:38:50 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2010/04/05 15:37:43 | 001,954,640 | ---- | C] (PeerBlock, LLC ) -- C:\Users\Chelsea\Documents\PeerBlock-Setup_v1.0.0.r181.exe
[2010/04/02 02:20:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/04/02 02:20:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010/03/30 11:32:06 | 000,000,000 | ---D | C] -- C:\ProgramData\WorldWinner.com
[2010/03/30 11:31:11 | 000,000,000 | ---D | C] -- C:\ProgramData\WorldWinner
[2010/03/30 11:31:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WorldWinner.com, Inc
[2010/03/30 11:31:04 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\AppData\Roaming\Worldwinner
[2010/03/27 21:47:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010/03/23 17:02:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPoints Point Finder
[2010/03/21 19:24:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Photo Wizard
[2010/03/19 16:38:28 | 000,000,000 | ---D | C] -- C:\sj445
[2010/03/19 15:47:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\{1E0658B1-A430-4171-BE09-FC7807BF37F6}
[2010/03/19 15:45:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\{CADB9CA1-4659-4E57-B1C2-E2C1E8A6C8A0}
[2010/03/19 15:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CleverTune Software
[2010/03/19 15:44:54 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\AppData\Local\PackageAware
[2010/03/19 15:37:25 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\AppData\Local\PC_Drivers_Headquarters
[2010/03/19 15:34:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Drivers HeadQuarters
[2010/03/19 15:16:23 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark
[2010/03/19 15:13:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ffdshow
[2010/03/12 09:17:26 | 000,012,976 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2010/03/11 22:37:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010/03/09 23:46:38 | 000,000,000 | ---D | C] -- C:\Program Files\btscanner
[2010/03/09 23:43:57 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\Documents\Apps
[2010/03/09 21:37:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartCell Technology
[2010/03/09 20:57:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2010/02/25 16:39:27 | 000,000,000 | ---D | C] -- C:\Users\Chelsea\Documents\VividShare
[2010/02/24 07:06:20 | 000,726,816 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\drivers\netr7364.sys
[2010/02/24 06:07:08 | 000,311,072 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll
[2010/02/10 01:21:15 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/02/10 01:21:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/02/10 01:21:15 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/02/05 00:49:19 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/02/05 00:03:14 | 000,000,000 | ---D | C] -- C:\sj655
[2010/02/02 22:15:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Celebrity Toolbar
[1 C:\Users\Chelsea\*.tmp files -> C:\Users\Chelsea\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/04/29 23:42:29 | 008,126,464 | -HS- | M] () -- C:\Users\Chelsea\ntuser.dat
[2010/04/29 23:28:56 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010/04/29 23:27:08 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/29 23:27:08 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/29 23:25:08 | 000,000,886 | ---- | M] () -- C:\Users\Chelsea\Desktop\NTREGOPT.lnk
[2010/04/29 23:25:08 | 000,000,867 | ---- | M] () -- C:\Users\Chelsea\Desktop\ERUNT.lnk
[2010/04/29 23:24:17 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/04/29 23:24:17 | 000,615,122 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/04/29 23:24:17 | 000,103,496 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/04/29 23:24:01 | 000,001,193 | ---- | M] () -- C:\Users\Chelsea\Desktop\erunt_setup - Shortcut.lnk
[2010/04/29 23:19:47 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/29 23:19:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/29 23:19:33 | 2314,067,968 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/29 23:18:51 | 001,469,109 | -H-- | M] () -- C:\Users\Chelsea\AppData\Local\IconCache.db
[2010/04/29 23:17:45 | 000,001,115 | ---- | M] () -- C:\Users\Chelsea\Desktop\TFC - Shortcut.lnk
[2010/04/29 17:41:43 | 059,393,922 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010/04/29 03:38:22 | 000,047,038 | ---- | M] () -- C:\Users\Chelsea\Documents\cc_20100429_033707.reg
[2010/04/29 01:23:13 | 003,923,257 | ---- | M] () -- C:\Users\Chelsea\Desktop\ComboFix(2).exe
[2010/04/29 00:51:04 | 000,000,737 | ---- | M] () -- C:\Users\Chelsea\Desktop\ComboFix - Shortcut.lnk
[2010/04/28 12:15:59 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForChelsea.job
[2010/04/25 21:03:38 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Zune.lnk
[2010/04/25 19:55:17 | 000,001,095 | ---- | M] () -- C:\Users\Chelsea\Desktop\Motorola Phone (K1) - Shortcut.lnk
[2010/04/25 15:21:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2010/04/25 15:21:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_motccgp_01007.Wdf
[2010/04/25 15:15:16 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Motorola Software Update.lnk
[2010/04/25 03:17:00 | 000,002,210 | ---- | M] () -- C:\Users\Public\Desktop\Driver Whiz.lnk
[2010/04/25 02:22:21 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_motmodem_01007.Wdf
[2010/04/25 00:37:10 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\mobile PhoneTools.lnk
[2010/04/23 15:45:14 | 000,002,080 | ---- | M] () -- C:\Users\Chelsea\Desktop\2010-04-23 Daddy and Preston - Shortcut.lnk
[2010/04/21 15:53:08 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2010/04/19 00:40:02 | 000,348,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/04/18 03:59:36 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/04/17 22:31:04 | 000,023,144 | ---- | M] () -- C:\Windows\hpqins15.dat
[2010/04/17 22:12:37 | 000,000,283 | ---- | M] () -- C:\Users\Chelsea\Desktop\HP HP Creative Studio - Photobooks & Scrapbooks.url
[2010/04/17 21:42:41 | 000,167,860 | ---- | M] () -- C:\Windows\hpoins37.dat
[2010/04/17 21:42:40 | 000,084,624 | ---- | M] () -- C:\Users\Chelsea\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/04/17 21:38:26 | 000,000,438 | ---- | M] () -- C:\Windows\win.ini
[2010/04/17 21:35:10 | 000,001,281 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2010/04/17 21:35:00 | 000,001,127 | ---- | M] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2010/04/17 21:34:32 | 000,002,065 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/04/17 21:33:54 | 000,002,270 | ---- | M] () -- C:\Users\Public\Desktop\Windows Live Photo Gallery.lnk
[2010/04/14 15:50:33 | 037,459,200 | ---- | M] () -- C:\Users\Chelsea\Desktop\9cy9wjy7.exe
[2010/04/14 12:15:06 | 000,419,467 | ---- | M] () -- C:\Users\Chelsea\Documents\winsrepair.zip
[2010/04/14 12:07:30 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2010/04/08 02:02:44 | 000,000,000 | -H-- | M] () -- C:\Users\Chelsea\Documents\Default.rdp
[2010/04/07 16:38:44 | 000,001,980 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/04/05 21:05:04 | 000,002,069 | ---- | M] () -- C:\Users\Public\Desktop\Xilisoft DVD Creator 6.lnk
[2010/04/05 20:09:54 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/05 19:59:17 | 004,045,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Chelsea\Documents\mbam-setup.exe
[2010/04/05 19:56:21 | 000,363,520 | ---- | M] () -- C:\Users\Chelsea\Documents\rkill.exe
[2010/04/05 18:07:00 | 000,000,067 | ---- | M] () -- C:\Windows\Easy DVD Creator.INI
[2010/04/05 18:06:45 | 000,000,985 | ---- | M] () -- C:\Users\Chelsea\Desktop\Easy DVD Creator.lnk
[2010/04/05 15:42:39 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010/04/05 15:38:50 | 000,000,876 | ---- | M] () -- C:\Users\Chelsea\Desktop\PeerBlock.lnk
[2010/04/05 15:37:44 | 001,954,640 | ---- | M] (PeerBlock, LLC ) -- C:\Users\Chelsea\Documents\PeerBlock-Setup_v1.0.0.r181.exe
[2010/03/27 21:48:19 | 000,001,067 | ---- | M] () -- C:\Users\Chelsea\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/03/21 21:49:09 | 000,001,212 | ---- | M] () -- C:\Users\Chelsea\Desktop\Photo Editing & Saving Wizard.lnk
[2010/03/19 15:47:12 | 000,001,305 | ---- | M] () -- C:\Users\Public\Desktop\Registry Cleaner Pro.lnk
[2010/03/19 15:45:08 | 000,001,277 | ---- | M] () -- C:\Users\Public\Desktop\Driver Updater Pro.lnk
[2010/03/19 15:34:58 | 000,002,439 | ---- | M] () -- C:\Users\Public\Desktop\Driver Detective.lnk
[2010/03/16 13:51:11 | 000,001,230 | ---- | M] () -- C:\Users\Chelsea\Desktop\Calculator.lnk
[2010/03/12 09:17:26 | 000,035,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2010/03/12 09:17:26 | 000,012,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2010/03/12 09:17:06 | 000,269,320 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2010/03/09 23:52:36 | 000,001,794 | ---- | M] () -- C:\Users\Chelsea\Desktop\Bluetooth Scanner.lnk
[2010/03/03 16:00:48 | 005,397,504 | ---- | M] () -- C:\Users\Chelsea\Desktop\Motorola_Consumer_Driver_Installation_MotoConnect_01.01.21_64_bit_4.5.0.msi
[2010/02/25 18:47:33 | 000,005,120 | ---- | M] () -- C:\Users\Chelsea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/25 16:55:53 | 000,000,082 | ---- | M] () -- C:\Users\Chelsea\Documents\FSCommand.swf
[2010/02/24 07:06:20 | 000,726,816 | ---- | M] (Ralink Technology, Corp.) -- C:\Windows\SysNative\drivers\netr7364.sys
[2010/02/24 06:07:08 | 000,311,072 | ---- | M] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll
[2010/02/10 01:21:27 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/01/31 10:45:19 | 000,000,552 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[1 C:\Users\Chelsea\*.tmp files -> C:\Users\Chelsea\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/29 23:30:35 | 000,293,376 | ---- | C] () -- C:\Users\Chelsea\Desktop\gmer.exe.exe
[2010/04/29 23:25:08 | 000,000,886 | ---- | C] () -- C:\Users\Chelsea\Desktop\NTREGOPT.lnk
[2010/04/29 23:25:08 | 000,000,867 | ---- | C] () -- C:\Users\Chelsea\Desktop\ERUNT.lnk
[2010/04/29 23:24:01 | 000,001,193 | ---- | C] () -- C:\Users\Chelsea\Desktop\erunt_setup - Shortcut.lnk
[2010/04/29 23:17:45 | 000,001,115 | ---- | C] () -- C:\Users\Chelsea\Desktop\TFC - Shortcut.lnk
[2010/04/29 03:37:15 | 000,047,038 | ---- | C] () -- C:\Users\Chelsea\Documents\cc_20100429_033707.reg
[2010/04/29 01:23:13 | 003,923,257 | ---- | C] () -- C:\Users\Chelsea\Desktop\ComboFix(2).exe
[2010/04/29 00:51:04 | 000,000,737 | ---- | C] () -- C:\Users\Chelsea\Desktop\ComboFix - Shortcut.lnk
[2010/04/25 21:03:38 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Zune.lnk
[2010/04/25 19:55:17 | 000,001,095 | ---- | C] () -- C:\Users\Chelsea\Desktop\Motorola Phone (K1) - Shortcut.lnk
[2010/04/25 15:21:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2010/04/25 15:21:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_motccgp_01007.Wdf
[2010/04/25 15:15:16 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Motorola Software Update.lnk
[2010/04/25 03:43:45 | 000,657,408 | ---- | C] () -- C:\Users\Chelsea\Desktop\Moto_KRZR_Driver.msi
[2010/04/25 03:35:50 | 003,679,744 | ---- | C] () -- C:\Users\Chelsea\Desktop\Motorola_EU_Driver_Installation_v2.6.2.msi
[2010/04/25 03:35:00 | 003,584,106 | ---- | C] () -- C:\Users\Chelsea\Desktop\Handset_USB_Driver_32_v2.6.2.0.zip
[2010/04/25 03:17:00 | 000,002,210 | ---- | C] () -- C:\Users\Public\Desktop\Driver Whiz.lnk
[2010/04/25 02:22:21 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_motmodem_01007.Wdf
[2010/04/25 02:17:53 | 005,397,504 | ---- | C] () -- C:\Users\Chelsea\Desktop\Motorola_Consumer_Driver_Installation_MotoConnect_01.01.21_64_bit_4.5.0.msi
[2010/04/25 00:37:10 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\mobile PhoneTools.lnk
[2010/04/23 15:45:14 | 000,002,080 | ---- | C] () -- C:\Users\Chelsea\Desktop\2010-04-23 Daddy and Preston - Shortcut.lnk
[2010/04/18 03:59:36 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/04/17 22:30:32 | 000,023,144 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/04/17 22:12:37 | 000,000,283 | ---- | C] () -- C:\Users\Chelsea\Desktop\HP HP Creative Studio - Photobooks & Scrapbooks.url
[2010/04/17 21:35:10 | 000,001,281 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2010/04/17 21:35:00 | 000,001,127 | ---- | C] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2010/04/17 21:34:32 | 000,002,065 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/04/17 21:33:54 | 000,002,270 | ---- | C] () -- C:\Users\Public\Desktop\Windows Live Photo Gallery.lnk
[2010/04/17 21:27:24 | 000,167,860 | ---- | C] () -- C:\Windows\hpoins37.dat
[2010/04/17 21:27:24 | 000,001,618 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/04/14 15:30:38 | 037,459,200 | ---- | C] () -- C:\Users\Chelsea\Desktop\9cy9wjy7.exe
[2010/04/14 12:15:06 | 000,419,467 | ---- | C] () -- C:\Users\Chelsea\Documents\winsrepair.zip
[2010/04/14 12:07:30 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2010/04/08 02:02:44 | 000,000,000 | -H-- | C] () -- C:\Users\Chelsea\Documents\Default.rdp
[2010/04/05 21:05:04 | 000,002,069 | ---- | C] () -- C:\Users\Public\Desktop\Xilisoft DVD Creator 6.lnk
[2010/04/05 20:09:54 | 000,000,971 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/05 19:56:20 | 000,363,520 | ---- | C] () -- C:\Users\Chelsea\Documents\rkill.exe
[2010/04/05 18:06:48 | 000,000,067 | ---- | C] () -- C:\Windows\Easy DVD Creator.INI
[2010/04/05 18:06:45 | 000,000,985 | ---- | C] () -- C:\Users\Chelsea\Desktop\Easy DVD Creator.lnk
[2010/04/05 15:38:50 | 000,000,876 | ---- | C] () -- C:\Users\Chelsea\Desktop\PeerBlock.lnk
[2010/03/27 21:48:19 | 000,001,067 | ---- | C] () -- C:\Users\Chelsea\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/03/21 19:24:05 | 000,001,212 | ---- | C] () -- C:\Users\Chelsea\Desktop\Photo Editing & Saving Wizard.lnk
[2010/03/19 15:47:12 | 000,001,305 | ---- | C] () -- C:\Users\Public\Desktop\Registry Cleaner Pro.lnk
[2010/03/19 15:45:08 | 000,001,277 | ---- | C] () -- C:\Users\Public\Desktop\Driver Updater Pro.lnk
[2010/03/19 15:34:58 | 000,002,439 | ---- | C] () -- C:\Users\Public\Desktop\Driver Detective.lnk
[2010/03/16 13:51:11 | 000,001,230 | ---- | C] () -- C:\Users\Chelsea\Desktop\Calculator.lnk
[2010/03/11 22:37:23 | 000,001,980 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/03/09 23:46:39 | 000,001,794 | ---- | C] () -- C:\Users\Chelsea\Desktop\Bluetooth Scanner.lnk
[2010/03/09 23:46:38 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\intelbth.dll
[2010/03/09 23:46:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\ICE_JNIRegistry.dll
[2010/03/08 17:39:11 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForChelsea.job
[2010/02/25 16:55:53 | 000,000,082 | ---- | C] () -- C:\Users\Chelsea\Documents\FSCommand.swf
[2010/02/25 16:51:49 | 000,005,120 | ---- | C] () -- C:\Users\Chelsea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/10 01:21:27 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/01/01 17:07:31 | 000,000,102 | ---- | C] () -- C:\Windows\wininit.ini
[2009/07/15 17:50:42 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2009/12/27 04:18:41 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\AVG9
[2009/11/23 16:17:45 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\Azureus
[2010/04/06 00:05:45 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\iLike
[2010/01/24 23:19:02 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\IObit
[2010/04/16 15:01:43 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\iWin
[2009/10/23 19:45:45 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\PictureMover
[2009/10/25 00:31:11 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\Playskool
[2010/01/28 19:08:12 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\SPORE
[2010/04/14 12:07:34 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\Uniblue
[2010/04/29 23:42:37 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\uTorrent
[2009/10/23 19:46:35 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\WildTangent
[2009/11/14 10:02:44 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\WinBatch
[2010/04/29 13:17:45 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\WinPatrol
[2010/03/30 11:31:04 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\Worldwinner
[2010/04/05 21:06:17 | 000,000,000 | ---D | M] -- C:\Users\Chelsea\AppData\Roaming\Xilisoft
[2010/04/29 23:28:56 | 000,000,398 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2010/01/31 10:45:19 | 000,000,552 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2009/07/13 22:08:49 | 000,014,410 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/04/24 13:43:13 | 000,000,000 | ---- | M] () -- C:\DBS.TXT
[2009/11/14 10:07:44 | 000,000,125 | ---- | M] () -- C:\FINIS_IT.TXT
[2010/04/29 23:19:33 | 2314,067,968 | -HS- | M] () -- C:\hiberfil.sys
[2006/12/01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2010/04/29 23:19:34 | 3085,426,688 | -HS- | M] () -- C:\pagefile.sys
[2010/04/05 18:48:54 | 000,271,462 | ---- | M] () -- C:\StarBurn.log

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >
< End of report >

Edited by ChelseaDG, 03 May 2010 - 12:45 AM.


#3
ChelseaDG

  • Topic Starter
This topic can be closed. I have resolved the issue.

#4
SweetTech

  • Retired Staff
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.