
computer still running SLOW



#1
hoodleehoo

To make sure I didn't have a malware problem I was told to first post on here after going through the steps. Do you think malware could still be the reason my computer sometimes takes hours to do simple things like drag icons into a folder on the desktop? I have the latest win updates, I have XP, I've defragged, I have the paid AVG version, etc. Here are the logs:

Malwarebytes' Anti-Malware 1.36
Database version: 2128
Windows 5.1.2600 Service Pack 3

5/13/2009 11:57:32 PM
mbam-log-2009-05-13 (23-57-32).txt

Scan type: Quick Scan
Objects scanned: 90244
Time elapsed: 14 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 16

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\TypeLib\{497dddb6-6eee-4561-9621-b77dc82c1f84} (Adware.Ascentive) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4e980492-027b-47f1-a7ab-ab086dacbb9e} (Adware.Ascentive) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5ead8321-fcbb-4c3f-888c-ac373d366c3f} (Adware.Ascentive) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{31f3cf6e-a71a-4daa-852b-39ac230940b4} (Adware.Ascentive) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\system32\SysRestore.dll (Adware.Ascentive) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\SysRestore.dll (Adware.Ascentive) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\adventure.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\angieimpressing.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\batfont.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\caspercomics.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\damnnoisykids.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\dj_gross.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\fearless.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\hollywood_hills.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\internationalsuperhero.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\jj_stencil.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\malachecrunch.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\meltdown.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\scoobydoo.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\sfcomicscript.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\stencilcase.zip (Worm.Archive) -> Quarantined and deleted successfully.

Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3

A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:305242 Mo/Free:1683 Mo)
D:\ [Fixed] - NTFS - (Total:71316 Mo/Free:1161 Mo)
E:\ [Removable] (Total:0 Mo/Free:0 Mo)
F:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
H:\ [Removable] (Total:0 Mo/Free:0 Mo)
I:\ [Removable] (Total:0 Mo/Free:0 Mo)
K:\ [Removable] (Total:0 Mo/Free:0 Mo)
L:\ [Removable] (Total:0 Mo/Free:0 Mo)

Thu 05/14/2009|22:35

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\windows\system32\csrss.exe
---------- \??\C:\windows\system32\winlogon.exe
---------- C:\windows\system32\services.exe
---------- C:\windows\system32\lsass.exe
---------- C:\windows\system32\svchost.exe
---------- C:\windows\system32\svchost.exe
---------- C:\windows\System32\svchost.exe
---------- C:\windows\System32\svchost.exe
---------- C:\windows\System32\svchost.exe
---------- C:\windows\system32\spoolsv.exe
---------- C:\windows\System32\SCardSvr.exe
---------- C:\windows\System32\svchost.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
---------- C:\PROGRA~1\AVG\AVG8\avgfws8.exe
---------- C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSWatcher.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
---------- C:\PROGRA~1\AVG\AVG8\avgam.exe
---------- C:\PROGRA~1\AVG\AVG8\avgrsx.exe
---------- C:\PROGRA~1\AVG\AVG8\avgnsx.exe
---------- C:\windows\system32\hasplms.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\windows\system32\nvsvc32.exe
---------- C:\Program Files\Spyware Terminator\sp_rsser.exe
---------- C:\windows\System32\svchost.exe
---------- C:\windows\System32\alg.exe
---------- C:\windows\System32\vssvc.exe
---------- C:\WINDOWS\System32\dllhost.exe
---------- C:\WINDOWS\System32\dllhost.exe
---------- C:\WINDOWS\System32\msdtc.exe
---------- C:\windows\Explorer.EXE
---------- C:\windows\Mixer.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\PROGRA~1\AVG\AVG8\avgtray.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\Program Files\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe
---------- C:\windows\system32\RUNDLL32.EXE
---------- C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
---------- C:\Program Files\AVG\AVG8\Identity Protection\agent\bin\AVGIDSUI.exe
---------- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
---------- C:\windows\system32\rundll32.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
---------- C:\Program Files\PayPal\PayPal Plug-In\RBroker.exe
---------- C:\windows\system32\wuauclt.exe
---------- C:\windows\system32\wuauclt.exe
---------- C:\windows\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Thu 05/14/2009|22:36

----------------------\\ Scan completed at 22:36

OTListIt logfile created on: 5/14/2009 8:34:43 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.7 Folder = C:\Documents and Settings\Jonathan\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 98.46% Memory free
4.00 Gb Paging File | 3.49 Gb Available in Paging File | 87.32% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 57.65 Gb Free Space | 19.34% Space Free | Partition Type: NTFS
Drive D: | 69.65 Gb Total Space | 33.13 Gb Free Space | 47.58% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JONATHANS
Current User Name: Jonathan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgfws8.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSWatcher.exe (AVG)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe (Carbonite, Inc. (www.carbonite.com))
PRC - C:\Program Files\AVG\AVG8\avgam.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\windows\system32\hasplms.exe (Aladdin Knowledge Systems Ltd.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\windows\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com)
PRC - C:\windows\Explorer.EXE (Microsoft Corporation)
PRC - C:\windows\Mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe ()
PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
PRC - C:\Program Files\AVG\AVG8\Identity Protection\agent\bin\AVGIDSUI.exe (AVG)
PRC - C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe (Silicon Image, Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Crawler\Toolbar\CToolbar.exe (Crawler.com)
PRC - C:\Program Files\PayPal\PayPal Plug-In\RBroker.exe ()
PRC - C:\Documents and Settings\Jonathan\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgfws8 [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgfws8.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent [Auto | Stopped]) -- C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSAgent.exe (AVG)
SRV - (AVGIDSWatcher [Auto | Running]) -- C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSWatcher.exe (AVG)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (CarboniteService [Auto | Running]) -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe (Carbonite, Inc. (www.carbonite.com))
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (hasplms [Auto | Running]) -- C:\windows\system32\hasplms.exe (Aladdin Knowledge Systems Ltd.)
SRV - (helpsvc [Auto | Running]) -- C:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\windows\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (sp_rssrv [Auto | Running]) -- C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com)
SRV - (StumbleUponUpdateService [On_Demand | Stopped]) -- C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe (stumbleupon.com)
SRV - (Viewpoint Manager Service [Auto | Stopped]) -- File not found
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (61883 [On_Demand | Stopped]) -- C:\windows\System32\DRIVERS\61883.sys (Microsoft Corporation)
DRV - (aksfridge [Auto | Running]) -- C:\windows\system32\DRIVERS\aksfridge.sys (Aladdin Knowledge Systems Ltd.)
DRV - (akshasp [On_Demand | Running]) -- C:\windows\system32\DRIVERS\akshasp.sys (Aladdin Knowledge Systems Ltd.)
DRV - (akshhl [On_Demand | Running]) -- C:\windows\system32\DRIVERS\akshhl.sys (Aladdin Knowledge Systems Ltd.)
DRV - (aksusb [On_Demand | Running]) -- C:\windows\system32\DRIVERS\aksusb.sys (Aladdin Knowledge Systems Ltd.)
DRV - (ASPI32 [Auto | Running]) -- C:\windows\System32\drivers\aspi32.sys (Adaptec)
DRV - (Avc [On_Demand | Stopped]) -- C:\windows\System32\DRIVERS\avc.sys (Microsoft Corporation)
DRV - (Avgfwdx [On_Demand | Running]) -- C:\windows\system32\DRIVERS\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwfd [On_Demand | Stopped]) -- C:\windows\system32\DRIVERS\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriver [On_Demand | Running]) -- C:\Program Files\AVG\AVG8\Identity Protection\agent\driver\platform_XP\AVGIDSDriver.sys (AVG Technologies )
DRV - (AVGIDSErHr [Boot | Running]) -- C:\windows\System32\Drivers\AVGIDSErHr.sys (AVG Technologies )
DRV - (AVGIDSFilter [On_Demand | Running]) -- C:\Program Files\AVG\AVG8\Identity Protection\agent\driver\platform_XP\AVGIDSFilter.sys (AVG Technologies )
DRV - (AVGIDSShim [On_Demand | Running]) -- C:\Program Files\AVG\AVG8\Identity Protection\agent\driver\platform_XP\AVGIDSShim.sys (AVG Technologies )
DRV - (AvgLdx86 [System | Running]) -- C:\windows\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\windows\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgRkx86 [Boot | Running]) -- C:\windows\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX [System | Running]) -- C:\windows\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (BANTExt [System | Running]) -- C:\windows\System32\Drivers\BANTExt.sys ()
DRV - (cmpci [On_Demand | Running]) -- C:\windows\system32\drivers\cmaudio.sys (C-Media Inc)
DRV - (dalwdmservice [On_Demand | Running]) -- C:\windows\system32\drivers\dalwdm.sys (Digidesign, A Division of Avid Technology, Inc.)
DRV - (DigiFilter [Boot | Running]) -- C:\WINDOWS\system32\drivers\DigiFilter.sys (Digidesign, A Division of Avid Technology, Inc.)
DRV - (E1000 [On_Demand | Running]) -- C:\windows\System32\DRIVERS\e1000325.sys (Intel Corporation)
DRV - (gameenum [On_Demand | Running]) -- C:\windows\System32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\windows\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (hardlock [Auto | Running]) -- C:\windows\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - (iLokDrvr [On_Demand | Stopped]) -- C:\windows\System32\DRIVERS\iLokDrvr.sys ()
DRV - (ITESCR2K [On_Demand | Running]) -- C:\windows\System32\DRIVERS\itescr2k.sys (Windows ® 2000 DDK provider)
DRV - (itsernum [On_Demand | Running]) -- C:\windows\System32\DRIVERS\itsernum.sys (Windows ® 2000 DDK provider)
DRV - (MSDV [On_Demand | Stopped]) -- C:\windows\System32\DRIVERS\msdv.sys (Microsoft Corporation)
DRV - (nv [On_Demand | Running]) -- C:\windows\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\windows\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\windows\System32\DRIVERS\PxHelp20.sys (Sonic Solutions)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\windows\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SI3112 [Boot | Running]) -- C:\windows\system32\DRIVERS\SI3112.sys (Silicon Image, Inc)
DRV - (SiFilter [Boot | Running]) -- C:\windows\system32\DRIVERS\SiWinAcc.sys (Silicon Image, Inc)
DRV - (SiRemFil [Boot | Running]) -- C:\windows\system32\DRIVERS\SiRemFil.sys (Silicon Image, Inc)
DRV - (sptd [Boot | Running]) -- C:\windows\System32\Drivers\sptd.sys ()
DRV - (sp_rsdrv2 [System | Running]) -- C:\windows\system32\drivers\sp_rsdrv2.sys ()
DRV - (TPkd [Boot | Running]) -- C:\windows\System32\drivers\TPkd.sys (PACE Anti-Piracy, Inc.)
DRV - (XIRLINK [On_Demand | Stopped]) -- C:\windows\System32\DRIVERS\C-itnt.sys (Xirlink, Inc)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}:6.0.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071303000006
FF - prefs.js..extensions.enabledItems: paypalfirefoxplugin@orbiscom:2.2.19.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - user.js..browser.search.openintab: false

FF - HKLM\software\mozilla\Firefox\Extensions\\paypalfirefoxplugin@orbiscom: C:\PROGRAM FILES\PAYPAL\PAYPAL PLUG-IN
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/04/27 06:10:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/16 15:51:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\PROGRAM FILES\CRAWLER\TOOLBAR\FIREFOX\ [2009/05/03 09:17:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/06 23:52:10 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/06 23:52:09 | 00,000,000 | ---D | M]

[2008/09/11 14:33:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan\Application Data\mozilla\Extensions
[2008/09/11 14:33:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/12 22:23:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan\Application Data\mozilla\Firefox\Profiles\y6253gpo.default\extensions
[2009/05/01 22:58:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan\Application Data\mozilla\Firefox\Profiles\y6253gpo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/03/28 02:33:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan\Application Data\mozilla\Firefox\Profiles\y6253gpo.default\extensions\[email protected]
[2009/05/12 22:51:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/29 21:06:55 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/05/07 11:29:30 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[2007/08/04 17:27:51 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007/10/28 20:31:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/03/22 01:26:35 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/10/28 09:30:58 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/03/16 15:51:58 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/04/29 21:06:47 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/29 21:06:47 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/09/11 14:33:19 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/09/11 14:33:19 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2007/07/26 12:05:16 | 00,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2008/09/11 14:33:19 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/11/14 22:30:48 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/09/11 14:33:19 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/09/11 14:33:19 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/09/11 14:33:20 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - C:\windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (StumbleUpon Launcher) - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (OToolbarHelper Class) - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll ()
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (StumbleUpon Toolbar) - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O3 - HKLM\..\Toolbar: (PayPal Plug-In) - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\Identity Protection\agent\bin\AVGIDSUI.exe" (AVG)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [C-Media Mixer] Mixer.exe /startup (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NexusServer] "C:\Program Files\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch ()
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" (Crawler.com)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SATARaid.lnk = C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe (Silicon Image, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage [2009/02/05 15:11:45 | 00,000,000 | ---D | M]
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: scout.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: stumbleupon.com ([]* in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/viewers/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnote...ad/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll (Installation Support)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1163118646093 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.c.../cpcScanner.cab (Crucial cpcScan)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\windows\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/11/08 16:33:43 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[3 C:\windows\*.tmp files]
[2009/05/14 18:20:43 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jonathan\Desktop\OTListIt2.exe
[2009/05/14 08:26:04 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/14 08:25:52 | 00,267,612 | ---- | C] () -- C:\Documents and Settings\Jonathan\Desktop\Rooter.exe
[2009/05/13 23:37:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jonathan\Application Data\Malwarebytes
[2009/05/13 23:37:06 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2009/05/13 23:37:02 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2009/05/13 23:36:59 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/13 23:36:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/13 23:29:28 | 02,967,800 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Jonathan\Desktop\mbam-setup(2).exe
[2009/05/13 23:27:09 | 02,967,800 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Jonathan\Desktop\mbam-setup.exe
[2009/05/13 23:26:17 | 00,000,000 | ---D | C] -- C:\windows\ERDNT
[2009/05/13 23:25:26 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/05/13 23:24:38 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Jonathan\Desktop\erunt_setup.exe
[2009/05/13 19:46:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jonathan\Desktop\shack
[2009/05/12 22:17:34 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Jonathan\Desktop\SysRestorePoint.exe
[2009/05/12 18:39:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2009/05/06 23:55:00 | 00,202,072 | R--- | C] (Coupons, Inc.) -- C:\windows\System32\cpnprt2.cid
[2009/05/06 23:52:11 | 00,000,000 | ---D | C] -- C:\windows\Cache
[2009/05/06 23:33:39 | 00,000,000 | ---D | C] -- C:\Program Files\Coupons
[2009/05/06 06:24:08 | 00,000,332 | ---- | C] () -- C:\windows\System32\BIN_STRSBW.SPT
[2009/05/05 19:39:35 | 00,000,150 | ---- | C] () -- C:\windows\System32\spupdsvc.inf
[2009/05/05 19:33:42 | 00,001,355 | ---- | C] () -- C:\windows\imsins.BAK
[2009/05/03 10:09:11 | 00,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2009/05/03 09:20:44 | 00,000,000 | ---D | C] -- C:\Program Files\WinClamAVShield
[2009/05/03 09:15:34 | 00,000,000 | ---D | C] -- C:\Program Files\Crawler
[2009/05/03 09:15:28 | 00,142,592 | ---- | C] () -- C:\windows\System32\drivers\sp_rsdrv2.sys
[2009/05/03 09:15:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jonathan\Application Data\Spyware Terminator
[2009/05/03 09:15:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2009/05/03 09:15:16 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2009/05/03 09:09:06 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/05/03 08:53:00 | 00,223,232 | ---- | C] () -- C:\windows\System32\sqlite3.dll
[2009/05/03 08:52:52 | 00,217,088 | ---- | C] (Ascentive) -- C:\windows\System32\ConTest.dll
[2009/05/03 08:52:51 | 00,086,016 | ---- | C] () -- C:\windows\System32\SQLiteWrapper.dll
[2009/04/27 18:10:12 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\Jonathan\My Documents\ubh notes template.doc
[2009/04/27 06:12:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jonathan\Application Data\AVG8
[2009/04/16 05:44:53 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xpsp4res.dll
[2009/04/16 05:44:51 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\wordpad.exe
[2009/04/16 05:43:59 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\pdh.dll
[2009/04/16 05:43:58 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\rpcss.dll
[2009/04/16 05:43:57 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\fastprox.dll
[2009/04/16 05:43:57 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\services.exe
[2009/04/16 05:43:56 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\wmiprvsd.dll
[2009/04/16 05:43:56 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\wmiprvse.exe
[2009/04/16 05:43:55 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\lsasrv.dll
[2009/04/16 05:43:54 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\advapi32.dll
[2009/04/16 05:43:53 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\ntdll.dll
[2008/10/28 09:43:06 | 00,000,050 | ---- | C] () -- C:\windows\MegaManager.INI
[2008/09/19 16:57:34 | 03,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll
[2008/09/19 16:55:10 | 00,000,416 | ---- | C] () -- C:\windows\System32\dtu100.dll.manifest
[2008/09/19 16:55:10 | 00,000,416 | ---- | C] () -- C:\windows\System32\dpl100.dll.manifest
[2008/09/19 16:54:18 | 00,012,288 | ---- | C] () -- C:\windows\System32\DivXWMPExtType.dll
[2008/09/15 13:55:38 | 00,057,344 | R--- | C] () -- C:\windows\System32\pavedius.dll
[2008/09/11 17:12:47 | 00,120,320 | ---- | C] ( ) -- C:\windows\System32\LAGARITH.DLL
[2008/09/11 01:32:11 | 00,003,840 | ---- | C] () -- C:\windows\System32\drivers\BANTExt.sys
[2008/06/19 20:36:19 | 00,001,521 | ---- | C] () -- C:\windows\ScriptRC1.1.ini
[2008/06/19 20:36:19 | 00,000,000 | ---- | C] () -- C:\windows\ScriptVT1.1.ini
[2008/06/19 20:36:19 | 00,000,000 | ---- | C] () -- C:\windows\ScriptTG1.1.ini
[2008/03/11 23:26:56 | 00,000,151 | ---- | C] () -- C:\windows\PhotoSnapViewer.INI
[2008/03/04 17:23:27 | 00,176,235 | ---- | C] () -- C:\windows\System32\Primomonnt.dll
[2008/01/30 12:01:05 | 00,000,000 | ---- | C] () -- C:\windows\iPlayer.INI
[2008/01/07 02:34:09 | 00,000,726 | ---- | C] () -- C:\windows\bundle.ini
[2007/06/04 17:24:55 | 00,166,912 | ---- | C] () -- C:\windows\System32\Lame_enc.dll
[2007/06/04 17:16:23 | 00,000,067 | ---- | C] () -- C:\windows\AoADVDRipper.INI
[2007/06/04 17:16:14 | 00,139,264 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2007/05/13 17:29:48 | 00,682,232 | ---- | C] () -- C:\windows\System32\drivers\sptd.sys
[2007/03/15 02:16:56 | 00,000,037 | ---- | C] () -- C:\windows\ipixActivex.ini
[2007/02/17 00:36:31 | 00,000,000 | ---- | C] () -- C:\windows\LiveBilliardsDemo.INI
[2007/01/29 10:08:51 | 00,001,569 | ---- | C] () -- C:\windows\ScriptRC1.0.ini
[2007/01/09 04:49:44 | 00,000,116 | ---- | C] () -- C:\windows\NeroDigital.ini
[2006/12/05 01:29:18 | 00,002,048 | ---- | C] () -- C:\windows\System32\clauth2.dll
[2006/12/05 01:29:18 | 00,002,048 | ---- | C] () -- C:\windows\System32\clauth1.dll
[2006/12/05 01:29:18 | 00,001,025 | ---- | C] () -- C:\windows\System32\sysprs7.dll
[2006/12/05 01:29:18 | 00,000,205 | ---- | C] () -- C:\windows\System32\lsprst7.dll
[2006/12/05 01:29:18 | 00,000,073 | ---- | C] () -- C:\windows\System32\ssprs.dll
[2006/12/04 16:01:30 | 00,363,520 | ---- | C] () -- C:\windows\System32\psisdecd.dll
[2006/11/29 03:17:44 | 00,029,704 | ---- | C] () -- C:\windows\System32\drivers\iLokDrvr.sys
[2006/11/29 03:17:22 | 00,217,088 | R--- | C] () -- C:\windows\System32\qtmlClient.dll
[2006/11/29 03:17:22 | 00,003,478 | ---- | C] () -- C:\windows\System32\digicoin.dll
[2006/11/13 23:41:52 | 00,000,032 | ---- | C] () -- C:\windows\wininit.ini
[2006/11/09 14:45:19 | 01,703,936 | ---- | C] () -- C:\windows\System32\nvwdmcpl.dll
[2006/11/09 14:45:19 | 01,486,848 | ---- | C] () -- C:\windows\System32\nview.dll
[2006/11/09 14:45:19 | 01,019,904 | ---- | C] () -- C:\windows\System32\nvwimg.dll
[2006/11/09 14:45:19 | 00,573,440 | ---- | C] () -- C:\windows\System32\nvhwvid.dll
[2006/11/09 14:45:19 | 00,466,944 | ---- | C] () -- C:\windows\System32\nvshell.dll
[2006/11/09 14:45:19 | 00,286,720 | ---- | C] () -- C:\windows\System32\nvnt4cpl.dll
[2006/11/09 14:34:54 | 00,000,376 | ---- | C] () -- C:\windows\ODBC.INI
[2006/11/09 14:23:07 | 00,010,240 | ---- | C] () -- C:\windows\System32\vidx16.dll
[2006/11/09 14:22:54 | 00,000,202 | ---- | C] () -- C:\windows\CMISETUP.INI
[2006/11/09 14:15:07 | 00,004,333 | ---- | C] () -- C:\windows\mixerdef.ini
[2006/11/06 17:49:36 | 00,000,310 | ---- | C] () -- C:\windows\primopdf.ini
[2005/07/08 23:07:46 | 00,007,168 | ---- | C] () -- C:\windows\System32\dfscacm.dll
[2005/07/08 23:07:44 | 00,005,632 | ---- | C] () -- C:\windows\System32\dfsc.dll
[2003/03/31 07:00:00 | 00,000,648 | ---- | C] () -- C:\windows\win.ini
[2003/03/31 07:00:00 | 00,000,231 | ---- | C] () -- C:\windows\system.ini
[2003/02/11 09:58:50 | 00,126,976 | ---- | C] () -- C:\windows\System32\e1000msg.dll
[1999/12/31 20:27:52 | 00,386,560 | ---- | C] () -- C:\windows\System32\PaintX.dll
[1998/07/30 01:22:00 | 00,173,056 | ---- | C] () -- C:\windows\System32\EMUDLL.DLL

========== Files - Modified Within 30 Days ==========

[3 C:\windows\*.tmp files]
[2009/05/14 18:20:44 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jonathan\Desktop\OTListIt2.exe
[2009/05/14 17:46:10 | 00,056,488 | ---- | M] () -- C:\windows\System32\drivers\Avg\microavi.avg
[2009/05/14 17:46:09 | 36,091,790 | ---- | M] () -- C:\windows\System32\drivers\Avg\incavi.avm
[2009/05/14 17:00:17 | 00,000,438 | ---- | M] () -- C:\windows\tasks\XoftSpySE 2.job
[2009/05/14 08:25:53 | 00,267,612 | ---- | M] () -- C:\Documents and Settings\Jonathan\Desktop\Rooter.exe
[2009/05/14 08:17:17 | 00,195,601 | ---- | M] () -- C:\windows\System32\nvapps.xml
[2009/05/14 08:15:47 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Jonathan\Local Settings\desktop.ini
[2009/05/14 08:00:00 | 00,000,414 | ---- | M] () -- C:\windows\tasks\XoftSpy.job
[2009/05/13 23:59:50 | 00,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2009/05/13 23:59:46 | 00,013,646 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2009/05/13 23:59:41 | 00,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2009/05/13 23:37:08 | 00,000,332 | ---- | M] () -- C:\windows\System32\BIN_STRSBW.SPT
[2009/05/13 23:30:05 | 02,967,800 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Jonathan\Desktop\mbam-setup(2).exe
[2009/05/13 23:27:09 | 02,967,800 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Jonathan\Desktop\mbam-setup.exe
[2009/05/13 23:24:38 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Jonathan\Desktop\erunt_setup.exe
[2009/05/13 07:56:06 | 00,000,284 | ---- | M] () -- C:\windows\tasks\AppleSoftwareUpdate.job
[2009/05/12 22:17:34 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Jonathan\Desktop\SysRestorePoint.exe
[2009/05/12 04:41:18 | 00,000,368 | ---- | M] () -- C:\windows\tasks\XoftSpySE.job
[2009/05/07 09:45:30 | 00,006,092 | ---- | M] () -- C:\Documents and Settings\Jonathan\Application Data\PrimoPDFSet.xml
[2009/05/06 23:55:09 | 00,202,072 | R--- | M] (Coupons, Inc.) -- C:\windows\System32\cpnprt2.cid
[2009/05/06 06:37:49 | 00,522,706 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2009/05/06 06:37:49 | 00,441,624 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2009/05/06 06:37:49 | 00,071,308 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2009/05/05 19:40:27 | 00,001,355 | ---- | M] () -- C:\windows\imsins.BAK
[2009/05/05 19:39:35 | 00,000,150 | ---- | M] () -- C:\windows\System32\spupdsvc.inf
[2009/05/03 09:15:28 | 00,142,592 | ---- | M] () -- C:\windows\System32\drivers\sp_rsdrv2.sys
[2009/04/27 18:10:13 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Jonathan\My Documents\ubh notes template.doc
[2009/04/26 09:39:18 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\avgrsstx.dll
[2009/04/26 09:39:17 | 00,325,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgldx86.sys
[2009/04/26 09:39:17 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgmfx86.sys
[2009/04/26 09:39:04 | 00,050,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\avgfwdx.dll
[2009/04/26 09:39:04 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgfwdx.sys
[2009/04/26 09:39:03 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgrkx86.sys
[2009/04/26 09:38:32 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgtdix.sys
[2009/04/17 19:30:42 | 00,434,673 | ---- | M] () -- C:\windows\System32\drivers\Avg\miniavi.avg
< End of report >

OTListIt Extras logfile created on: 5/14/2009 8:34:43 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.7 Folder = C:\Documents and Settings\Jonathan\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 98.46% Memory free
4.00 Gb Paging File | 3.49 Gb Available in Paging File | 87.32% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 57.65 Gb Free Space | 19.34% Space Free | Partition Type: NTFS
Drive D: | 69.65 Gb Total Space | 33.13 Gb Free Space | 47.58% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JONATHANS
Current User Name: Jonathan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
"EnableFirewall" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe (AVG Technologies CZ, s.r.o.)
C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe (AVG Technologies CZ, s.r.o.)
C:\Program Files\BearShare\BearShare.exe:*:Enabled:BearShare (Free Peers, Inc.)
C:\Program Files\Microsoft Office\Office10\FRONTPG.EXE:*:Enabled:Microsoft FrontPage (Microsoft Corporation)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 11
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2C65AEAA-EDF4-42E0-AA43-D74A5362CA02}" = Adobe Setup
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{41B9E2CF-0B3F-442A-B5B3-592A4A355634}" = iTunes
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{45C8D89F-C8FF-4B4D-B866-32C9D6301FED}" = MainConcept MPEG Encoder
"{45D3CD3E-7715-4341-8441-A3A6409FCDE4}" = BIAS SoundSoap 2.0
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{596BDFE6-5C96-11D6-A1B0-0090CC0CE3C6}" = ITE Smart Accessories
"{5ABA79B3-86B3-4729-8CC0-8B531E5F9629}" = Digidesign Pro Tools® LE 6.1
"{61CEB2D7-8D3B-4247-B75E-A95F6699B90A}" = Adobe After Effects 6.5
"{621980B2-3286-4A00-BB8B-6DC2F88C24B4}" = Title Tool Kit 1.1
"{663118ED-6E80-45D6-9484-6830798B8B86}" = ProCoder 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6EECB283-E65F-40EF-86D3-D51BF02A8D43}" = Microsoft Office Converter Pack
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73317C31-2B6E-4B88-9865-B97C1331A39D}" = PayPal Plug-In
"{7404D71A-4CED-4391-A79A-9FF5126736FE}" = PACE System Files
"{7583D2F8-8E7D-40C5-9862-4D218006FB84}" = AVG Identity Protection
"{772E9146-D676-4869-A298-047FF2A2B92D}" = Canopus Codec Option
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91649626-E343-11D5-BCEF-005004748D87}" = SATARaid
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A14F7508-B784-40B8-B11A-E0E2EEB7229F}" = Adobe Premiere Pro 1.5
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AC76BA86-7AD7-1033-7B44-A70800000002}" = Adobe Reader 7.0.8
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7C7A59F-CF70-481E-A94F-7C2563AA5ADD}" = Sony DVD Architect Studio 4.5
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB81360F-041C-4CF7-B15E-71380D154244}" = Adobe Setup
"{C169D3BB-9A27-43F5-9979-09A0D65FE95C}" = SmartFTP Client 2.0
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C2E925D5-FE98-406D-91DD-220380A55AC7}" = Setup
"{C894366E-51C4-4162-BA82-ECBEFC1C2C61}" = PayPal Plug-In
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{F1C9C7F7-0D56-40B2-A276-152762D39BCA}" = Adobe Setup
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{F59AC46C-10C3-4023-882C-4212A92283B3}_is1" = Lagarith Lossless Codec (1.3.18)
"{F86BC634-A412-43D5-9675-A847CD4844EF}" = Pitch 'n Time
"{FD056B18-E887-4FAB-83A6-344B743CA0B6}" = Digidesign Shared Plug-Ins
"7-Zip" = 7-Zip 4.44 beta
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Adobe_32fdd767b4383606e8168e834af5d90" = Adobe Premiere Pro CS3
"Adobe_5d83aea83f5009a0d267d337e3f55fe" = Adobe After Effects CS3
"Adobe_71c180716438072ebd356ce2549df41" = Adobe Premiere Pro CS3 Third Party Content
"AdobeESD" = Adobe Download Manager 2.0 (Remove Only)
"Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3.00
"AVG8Uninstall" = AVG 8.5
"BearFlix" = BearFlix
"Belarc Advisor" = Belarc Advisor 7.2
"BitLord" = BitLord 1.1
"Carbonite Backup" = Carbonite
"CCleaner" = CCleaner (remove only)
"Classic Arcade Games from Midway" = Classic Arcade Games from Midway
"Color Finesse 2" = Color Finesse 2
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"DebugMode FrameServer" = DebugMode FrameServer
"DivX Content Uploader" = DivX Content Uploader
"Dropbox" = Dropbox
"DXTXTRA" = Microsoft DirectX Transform optional components
"ERUNT_is1" = ERUNT 1.1j
"exPressit S.E. 2.2" = exPressit S.E. 2.2
"Inkscape" = Inkscape 0.45.1
"InstallShield_{45C8D89F-C8FF-4B4D-B866-32C9D6301FED}" = MainConcept MPEG Encoder
"InstallShield_{F86BC634-A412-43D5-9675-A847CD4844EF}" = Pitch 'n Time
"InterActual Player" = InterActual Player
"LAGARITH" = Lagarith lossless video codec (Remove Only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NVIDIA Drivers" = NVIDIA Drivers
"PacMAME" = PacMAME
"PCI Audio Applications" = PCI Audio Applications
"PCI Audio Driver" = PCI Audio Driver
"Picasa2" = Picasa 2
"PrimoPDF4.0" = PrimoPDF
"PROSet" = Intel® PRO Network Adapters and Drivers
"SmartFTP Client 2.0 Setup Files" = SmartFTP Client 2.0 Setup Files (remove only)
"Spyware Terminator_is1" = Spyware Terminator
"ST6UNST #1" = DraftPak edit 2
"StumbleUponIEToolbar" = StumbleUpon IE Toolbar
"SystemRequirementsLab" = System Requirements Lab
"Total Doc Converter_is1" = TotalDocConverter
"Trillian" = Trillian
"WAV to MP3 Encoder" = WAV to MP3 Encoder
"WIC" = Windows Imaging Component
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XoftSpySE" = XoftSpySE
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XviD & MP3 Codec Pack_is1" = XviD & MP3 Codec Pack (remove only)
"XviD_is1" = XviD 1.1 final uninstall

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/11/2009 11:59:22 PM | Computer Name = JONATHANS | Source = VSS | ID = 8193
Description = Volume Shadow Copy Service error: Unexpected error calling routine
CoCreateInstance. hr = 0x8007041d.

Error - 4/20/2009 7:43:53 PM | Computer Name = JONATHANS | Source = Application Error | ID = 1000
Description = Faulting application avgtray.exe, version 8.5.0.268, faulting module
unknown, version 0.0.0.0, fault address 0x7dd67fd2.

Error - 4/27/2009 3:28:16 PM | Computer Name = JONATHANS | Source = Application Error | ID = 1000
Description = Faulting application easyclea.exe, version 2.0.6.380, faulting module
easyclea.exe, version 2.0.6.380, fault address 0x0002dbd3.

Error - 4/27/2009 9:46:29 PM | Computer Name = JONATHANS | Source = VSS | ID = 12289
Description = Volume Shadow Copy Service error: Unexpected error CreateFileW(\\?\Volume{9f247898-6f3c-11db-b972-806d6172696f},0xc0000000,0x00000003,...).
hr = 0x800705aa.

Error - 4/28/2009 2:29:27 PM | Computer Name = JONATHANS | Source = VSS | ID = 12289
Description = Volume Shadow Copy Service error: Unexpected error CreateFileW(\\?\Volume{9f247898-6f3c-11db-b972-806d6172696f},0xc0000000,0x00000003,...).
hr = 0x800705aa.

Error - 4/28/2009 5:19:30 PM | Computer Name = JONATHANS | Source = VSS | ID = 12289
Description = Volume Shadow Copy Service error: Unexpected error CreateFileW(\\?\Volume{9f247898-6f3c-11db-b972-806d6172696f},0xc0000000,0x00000003,...).
hr = 0x800705aa.

Error - 4/29/2009 10:08:08 PM | Computer Name = JONATHANS | Source = nview_info | ID = 11141121
Description =

Error - 5/5/2009 8:40:48 PM | Computer Name = JONATHANS | Source = Application Hang | ID = 1002
Description = Hanging application SpywareTerminator.exe, version 2.5.6.316, hang
module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/12/2009 7:38:08 PM | Computer Name = JONATHANS | Source = MsiInstaller | ID = 11904
Description = Product: Google Gears -- Error 1904. Module C:\Program Files\Google\Google
Gears\Internet Explorer\0.5.19.0\gears.dll failed to register. HRESULT -2147024891.
Contact your support personnel.

Error - 5/12/2009 11:13:21 PM | Computer Name = JONATHANS | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3399, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 5/14/2009 12:59:47 AM | Computer Name = JONATHANS | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 5/14/2009 12:59:47 AM | Computer Name = JONATHANS | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 5/14/2009 12:59:47 AM | Computer Name = JONATHANS | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 5/14/2009 12:59:47 AM | Computer Name = JONATHANS | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 5/14/2009 12:59:47 AM | Computer Name = JONATHANS | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 5/14/2009 12:59:47 AM | Computer Name = JONATHANS | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 5/14/2009 12:59:47 AM | Computer Name = JONATHANS | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 5/14/2009 1:00:38 AM | Computer Name = JONATHANS | Source = Service Control Manager | ID = 7000
Description = The Viewpoint Manager Service service failed to start due to the following
error: %%3

Error - 5/14/2009 11:08:23 AM | Computer Name = JONATHANS | Source = SideBySide | ID = 16842810
Description = Syntax error in manifest or policy file "C:\windows\system32\urlmon.dll"
on line 0.

Error - 5/14/2009 11:08:23 AM | Computer Name = JONATHANS | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\windows\system32\urlmon.dll.
Reference
error message: The operation completed successfully. .


< End of report >

#2
XmichouX

    Trusted Helper

  • Retired Staff
  • 1,292 posts
Hi,

Disable resident protections (Antivirus...); re-enable them after the scan

Download ToolBar S&D < here

Double-click ToolBar S&D.exe
Choose the language, then choose Option 1 (Search)
Wait till the end of the scan
Post the log which was created: (%SystemDrive%\TB.txt)

Regards,

#3
hoodleehoo

    Member

  • Topic Starter
  • Member
  • 58 posts
-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Jonathan ( Administrator )
BOOT : Normal boot
Antivirus : AVG Internet Security 8.5 (Activated)
Firewall : AVG Firewall 8.5 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:298 Go (Free:57 Go)
D:\ (Local Disk) - NTFS - Total:69 Go (Free:33 Go)
E:\ (USB)
F:\ (CD or DVD)
H:\ (USB)
I:\ (USB)
K:\ (USB)
L:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( Mon 05/18/2009|22:33 )

-----------\\ Searching for Files - Folders ...

C:\Program Files\BitLord
C:\Program Files\BitLord\BitLord.exe
C:\Program Files\BitLord\BitLord.url
C:\Program Files\BitLord\BitLord.xml
C:\Program Files\BitLord\Downloads
C:\Program Files\BitLord\Downloads.xml
C:\Program Files\BitLord\lang
C:\Program Files\BitLord\License.txt
C:\Program Files\BitLord\rules
C:\Program Files\BitLord\Torrents
C:\Program Files\BitLord\uninst.exe
C:\Program Files\BitLord\Downloads\Cathouse.Season1
C:\Program Files\BitLord\Downloads\requiem-1.8.2.zip
C:\Program Files\BitLord\Downloads\RiffTraxSWHoliday
C:\Program Files\BitLord\Downloads\The Best FREE Traffic Secrets
C:\Program Files\BitLord\Downloads\Cathouse.Season1\Cathouse The Series S1 Episode 1.avi.bc!
C:\Program Files\BitLord\Downloads\Cathouse.Season1\Cathouse The Series S1 Episode 10.avi.bc!
C:\Program Files\BitLord\Downloads\Cathouse.Season1\Cathouse The Series S1 Episode 11.avi.bc!
C:\Program Files\BitLord\Downloads\Cathouse.Season1\Cathouse The Series S1 Episode 2.avi.bc!
C:\Program Files\BitLord\Downloads\Cathouse.Season1\Cathouse The Series S1 Episode 3.avi.bc!
C:\Program Files\BitLord\Downloads\Cathouse.Season1\Cathouse The Series S1 episode 4.avi.bc!
C:\Program Files\BitLord\Downloads\Cathouse.Season1\Cathouse The Series S1 Episode 5.avi.bc!
C:\Program Files\BitLord\Downloads\Cathouse.Season1\Cathouse The Series S1 Episode 6.avi.bc!
C:\Program Files\BitLord\Downloads\Cathouse.Season1\Cathouse The Series S1 Episode 7.avi.bc!
C:\Program Files\BitLord\Downloads\Cathouse.Season1\Cathouse The Series S1 Episode 8.avi.bc!
C:\Program Files\BitLord\Downloads\Cathouse.Season1\Cathouse The Series S1 Episode 9.avi.bc!
C:\Program Files\BitLord\Downloads\RiffTraxSWHoliday\RiffTraxSWHoliday.avi.bc!
C:\Program Files\BitLord\Downloads\The Best FREE Traffic Secrets\Please Read Me.txt
C:\Program Files\BitLord\Downloads\The Best FREE Traffic Secrets\The Best Free Traffic Secrets.pdf
C:\Program Files\BitLord\lang\lang_ar_ae.xml
C:\Program Files\BitLord\lang\lang_bg_bg.xml
C:\Program Files\BitLord\lang\lang_ca_es.xml
C:\Program Files\BitLord\lang\lang_cz_cz.xml
C:\Program Files\BitLord\lang\lang_da_dk.xml
C:\Program Files\BitLord\lang\lang_de_de.xml
C:\Program Files\BitLord\lang\lang_el_gr.xml
C:\Program Files\BitLord\lang\lang_en_us.xml
C:\Program Files\BitLord\lang\lang_es_ar.xml
C:\Program Files\BitLord\lang\lang_es_es.xml
C:\Program Files\BitLord\lang\lang_et_ee.xml
C:\Program Files\BitLord\lang\lang_fi_fi.xml
C:\Program Files\BitLord\lang\lang_fr_fr.xml
C:\Program Files\BitLord\lang\lang_gl_es.xml
C:\Program Files\BitLord\lang\lang_he_il.xml
C:\Program Files\BitLord\lang\lang_hu_hu.xml
C:\Program Files\BitLord\lang\lang_it_it.xml
C:\Program Files\BitLord\lang\lang_jp_jp.xml
C:\Program Files\BitLord\lang\lang_ko_kr.xml
C:\Program Files\BitLord\lang\lang_nb_no.xml
C:\Program Files\BitLord\lang\lang_nl_nl.xml
C:\Program Files\BitLord\lang\lang_pl_pl.xml
C:\Program Files\BitLord\lang\lang_pt_br.xml
C:\Program Files\BitLord\lang\lang_pt_pt.xml
C:\Program Files\BitLord\lang\lang_ro_ro.xml
C:\Program Files\BitLord\lang\lang_ru_ru.xml
C:\Program Files\BitLord\lang\lang_sk_sk.xml
C:\Program Files\BitLord\lang\lang_sl_si.xml
C:\Program Files\BitLord\lang\lang_sr_sr.xml
C:\Program Files\BitLord\lang\lang_sv_se.xml
C:\Program Files\BitLord\lang\lang_th_th.xml
C:\Program Files\BitLord\lang\lang_tr_tr.xml
C:\Program Files\BitLord\lang\lang_va_es.xml
C:\Program Files\BitLord\lang\lang_zh_tw.xml
C:\Program Files\BitLord\rules\ipfilter.dat
C:\Program Files\BitLord\rules\tracker.dat
C:\Program Files\BitLord\Torrents\Adobe.CS3.Products.Crack.rar.torrent
C:\Program Files\BitLord\Torrents\Adobe.CS3.Products.Crack.rar.xml
C:\Program Files\BitLord\Torrents\Cathouse.Season1.torrent
C:\Program Files\BitLord\Torrents\Cathouse.Season1.xml
C:\Program Files\BitLord\Torrents\CIV3.COLLECTION.torrent
C:\Program Files\BitLord\Torrents\CIV3.COLLECTION.xml
C:\Program Files\BitLord\Torrents\Civilization 2.torrent
C:\Program Files\BitLord\Torrents\Civilization 2.xml
C:\Program Files\BitLord\Torrents\Demon City Shinjuku.ogm.torrent
C:\Program Files\BitLord\Torrents\Demon City Shinjuku.ogm.xml
C:\Program Files\BitLord\Torrents\Galactic_civilization_2_-_1.31_Fixed_EXE_by_acantoni.rar.torrent
C:\Program Files\BitLord\Torrents\Galactic_civilization_2_-_1.31_Fixed_EXE_by_acantoni.rar.xml
C:\Program Files\BitLord\Torrents\Inside.the.Actors.Studio.Mike.Myers.2nd.Visit.DSR.XviD-SYS.torrent
C:\Program Files\BitLord\Torrents\Inside.the.Actors.Studio.Mike.Myers.2nd.Visit.DSR.XviD-SYS.xml
C:\Program Files\BitLord\Torrents\Mystery Method DVD 1.torrent
C:\Program Files\BitLord\Torrents\Mystery Method DVD 1.xml
C:\Program Files\BitLord\Torrents\Mystery Method Dvd Volume 3.torrent
C:\Program Files\BitLord\Torrents\Mystery Method Dvd Volume 3.xml
C:\Program Files\BitLord\Torrents\Mystery Method Dvd Volume 4.torrent
C:\Program Files\BitLord\Torrents\Mystery Method Dvd Volume 4.xml
C:\Program Files\BitLord\Torrents\Mystery Method Dvd Volume 5.torrent
C:\Program Files\BitLord\Torrents\Mystery Method Dvd Volume 5.xml
C:\Program Files\BitLord\Torrents\Mystery Method Video Vol2.torrent
C:\Program Files\BitLord\Torrents\Mystery Method Video Vol2.xml
C:\Program Files\BitLord\Torrents\Premiere Pro CS3 keygen + activation.exe.torrent
C:\Program Files\BitLord\Torrents\Premiere Pro CS3 keygen + activation.exe.xml
C:\Program Files\BitLord\Torrents\requiem-1.8.2.zip.torrent
C:\Program Files\BitLord\Torrents\requiem-1.8.2.zip.xml
C:\Program Files\BitLord\Torrents\RiffTraxSWHoliday.torrent
C:\Program Files\BitLord\Torrents\RiffTraxSWHoliday.xml
C:\Program Files\BitLord\Torrents\The Best FREE Traffic Secrets.torrent
C:\Program Files\BitLord\Torrents\The Best FREE Traffic Secrets.xml
C:\Program Files\BitLord\Torrents\The Foot Fist Way[2008][Unrated Edition]DvDrip[Eng]-FXG.torrent
C:\Program Files\BitLord\Torrents\The Foot Fist Way[2008][Unrated Edition]DvDrip[Eng]-FXG.xml
C:\Program Files\BitLord\Torrents\wicker man rifftrax.avi.torrent
C:\Program Files\BitLord\Torrents\Xilisoft.DVD.Ripper.Platinum.4.0.75.0511.torrent
C:\Program Files\BitLord\Torrents\Xilisoft.DVD.Ripper.Platinum.4.0.75.0511.xml
C:\Program Files\BitLord\Torrents\[NLA]_Macross_-_Do_You_Remember_Love.torrent
C:\Program Files\BitLord\Torrents\[NLA]_Macross_-_Do_You_Remember_Love.xml
C:\DOCUME~1\Jonathan\STARTM~1\Programs\BitLord
C:\Program Files\Crawler
C:\Program Files\Crawler\Download
C:\Program Files\Crawler\Toolbar
C:\Program Files\Crawler\Toolbar\adrkeys.dat
C:\Program Files\Crawler\Toolbar\COMMON_FF.dat
C:\Program Files\Crawler\Toolbar\confirm.dat
C:\Program Files\Crawler\Toolbar\ctbcomm.dll
C:\Program Files\Crawler\Toolbar\ctbr.dll
C:\Program Files\Crawler\Toolbar\CTConf.dat
C:\Program Files\Crawler\Toolbar\CTipsDef.dll
C:\Program Files\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Crawler\Toolbar\CUpdate.exe
C:\Program Files\Crawler\Toolbar\firefox
C:\Program Files\Crawler\Toolbar\Languages
C:\Program Files\Crawler\Toolbar\lookfor.dat
C:\Program Files\Crawler\Toolbar\majorse.dat
C:\Program Files\Crawler\Toolbar\rootmenu.dat
C:\Program Files\Crawler\Toolbar\services.dat
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct
C:\Program Files\Crawler\Toolbar\STWSG_FF.dat
C:\Program Files\Crawler\Toolbar\TBR5LanguageAct
C:\Program Files\Crawler\Toolbar\Update
C:\Program Files\Crawler\Toolbar\WebSecurityGuard.dll
C:\Program Files\Crawler\Toolbar\WSGData
C:\Program Files\Crawler\Toolbar\firefox\chrome
C:\Program Files\Crawler\Toolbar\firefox\chrome.manifest
C:\Program Files\Crawler\Toolbar\firefox\components
C:\Program Files\Crawler\Toolbar\firefox\install.ini
C:\Program Files\Crawler\Toolbar\firefox\install.rdf
C:\Program Files\Crawler\Toolbar\firefox\stwsg_ff.ini
C:\Program Files\Crawler\Toolbar\firefox\chrome\common.jar
C:\Program Files\Crawler\Toolbar\firefox\chrome\stwsg.jar
C:\Program Files\Crawler\Toolbar\firefox\components\xcomm.dll
C:\Program Files\Crawler\Toolbar\firefox\components\xplugin.xpt
C:\Program Files\Crawler\Toolbar\firefox\components\xshared.dll
C:\Program Files\Crawler\Toolbar\firefox\components\xshared.xpt
C:\Program Files\Crawler\Toolbar\firefox\components\xsupport.dll
C:\Program Files\Crawler\Toolbar\firefox\components\xsupport.xpt
C:\Program Files\Crawler\Toolbar\firefox\components\xwsg.dll
C:\Program Files\Crawler\Toolbar\Languages\STWSG_CS.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_DE.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_EN.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_ES.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_FF.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_FR.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_IT.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_NL.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_PT-BR.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_PT.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_CS.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_DE.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_EN.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_ES.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_FR.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_IT.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_NL.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_PL.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_PT-BR.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_PT.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_RU.cab
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct\info.ini
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct\language.ini
C:\Program Files\Crawler\Toolbar\TBR5LanguageAct\info.ini
C:\Program Files\Crawler\Toolbar\TBR5LanguageAct\language.ini
C:\Program Files\Crawler\Toolbar\Update\domains.cab
C:\Program Files\Crawler\Toolbar\WSGData\domains
C:\Program Files\Crawler\Toolbar\WSGData\g_S-1-5-21-1547161642-2049760794-682003330-1004.dat
C:\Program Files\Crawler\Toolbar\WSGData\p_S-1-5-21-1547161642-2049760794-682003330-1004.dat
C:\Program Files\Crawler\Toolbar\WSGData\wfilter.dat
C:\Program Files\Crawler\Toolbar\WSGData\w_S-1-5-21-1547161642-2049760794-682003330-1004.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_000.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_000_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_001.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_001_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_002.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_002_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_003.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_003_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_004.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_004_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_005.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_005_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_006.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_006_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_007.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_007_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_008.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_008_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_009.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_009_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_010.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_010_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_011.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_011_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_012.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_012_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_013.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_013_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_014.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_014_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_015.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_015_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_016.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_016_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_017.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_017_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_018.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_018_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_019.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_019_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_020.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_020_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_021.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_021_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_022.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_022_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_023.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_023_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_024.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_024_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_025.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_025_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_026.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_026_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_027.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_027_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_028.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_028_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_029.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_029_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_030.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_030_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_031.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_031_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_032.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_032_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\index.dat
C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Crawler Toolbar
C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml

-----------\\ Extensions

(Jonathan) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Search Page"="http://www.google.com"
"Local Page"="C:\\windows\\system32\\blank.htm"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft...r=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft...ie&ar=iesearch"
"Search Page"="http://www.google.com/"
"Start Page"="http://www.google.com/"


--------------------\\ Searching for other infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Jonathan\My Documents\My Pictures\engrish\crack-power.jpg



1 - "C:\ToolBar SD\TB_1.txt" - Mon 05/18/2009|22:46 - Option : [1]

-----------\\ Scan completed at 22:46:56.09

#4
XmichouX

    Trusted Helper

  • Retired Staff
  • 1,292 posts
Hi,

Restart ToolBar S&D

This time choose Option 2 (Fix)
Don't close the window during suppression!
Post the log which was created: (%SystemDrive%\TB.txt)

Please also post a new OTListIt log.

Regards,

#5
hoodleehoo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts
-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Jonathan ( Administrator )
BOOT : Normal boot
Antivirus : AVG Internet Security 8.5 (Activated)
Firewall : AVG Firewall 8.5 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:298 Go (Free:57 Go)
D:\ (Local Disk) - NTFS - Total:69 Go (Free:33 Go)
E:\ (USB)
F:\ (CD or DVD)
H:\ (USB)
I:\ (USB)
K:\ (USB)
L:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( Tue 05/19/2009|19:26 )

-----------\\ FIX

Deleted! - C:\Program Files\BitLord\BitLord.exe
Deleted! - C:\Program Files\BitLord\BitLord.url
Deleted! - C:\Program Files\BitLord\BitLord.xml
Deleted! - C:\Program Files\BitLord\Downloads
Deleted! - C:\Program Files\BitLord\Downloads.xml
Deleted! - C:\Program Files\BitLord\lang
Deleted! - C:\Program Files\BitLord\License.txt
Deleted! - C:\Program Files\BitLord\rules
Deleted! - C:\Program Files\BitLord\Torrents
Deleted! - C:\Program Files\BitLord\uninst.exe
Deleted! - C:\DOCUME~1\Jonathan\STARTM~1\Programs\BitLord
Deleted! - C:\Program Files\Crawler\Download
Deleted! - C:\Program Files\Crawler\Toolbar
Deleted! - C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Crawler Toolbar
Deleted! - C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
Deleted! - C:\Program Files\BitLord
Deleted! - C:\Program Files\Crawler

-----------\\ Searching for Files - Folders ...


-----------\\ Extensions

(Jonathan) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Search Page"="http://www.google.com"
"Local Page"="C:\\windows\\system32\\blank.htm"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft...r=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft...ie&ar=iesearch"
"Search Page"="http://www.google.com/"
"Start Page"="http://www.msn.com/"


--------------------\\ Searching for other infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Jonathan\My Documents\My Pictures\engrish\crack-power.jpg



1 - "C:\ToolBar SD\TB_1.txt" - Mon 05/18/2009|22:46 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - Tue 05/19/2009|19:34 - Option : [2]

-----------\\ Scan completed at 19:34:44.25

#6
hoodleehoo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts
-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Jonathan ( Administrator )
BOOT : Normal boot
Antivirus : AVG Internet Security 8.5 (Activated)
Firewall : AVG Firewall 8.5 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:298 Go (Free:57 Go)
D:\ (Local Disk) - NTFS - Total:69 Go (Free:33 Go)
E:\ (USB)
F:\ (CD or DVD)
H:\ (USB)
I:\ (USB)
K:\ (USB)
L:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( Tue 05/19/2009|20:54 )

-----------\\ Searching for Files - Folders ...


-----------\\ Extensions

(Jonathan) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Search Page"="http://www.google.com"
"Local Page"="C:\\windows\\system32\\blank.htm"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft...r=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft...ie&ar=iesearch"
"Search Page"="http://www.google.com/"
"Start Page"="http://www.msn.com/"


--------------------\\ Searching for other infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Jonathan\My Documents\My Pictures\engrish\crack-power.jpg



1 - "C:\ToolBar SD\TB_1.txt" - Mon 05/18/2009|22:46 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - Tue 05/19/2009|19:34 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - Tue 05/19/2009|21:01 - Option : [2]

-----------\\ Scan completed at 21:01:53.40

#7
hoodleehoo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts
OTListIt logfile created on: 5/19/2009 9:51:27 PM - Run 2
OTListIt2 by OldTimer - Version 2.0.15.7 Folder = C:\Documents and Settings\Jonathan\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.94 Gb Available Physical Memory | 96.78% Memory free
4.00 Gb Paging File | 3.49 Gb Available in Paging File | 87.27% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 57.14 Gb Free Space | 19.17% Space Free | Partition Type: NTFS
Drive D: | 69.65 Gb Total Space | 33.13 Gb Free Space | 47.58% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JONATHANS
Current User Name: Jonathan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\AVG\AVG8\avgfws8.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSWatcher.exe (AVG)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe (Carbonite, Inc. (www.carbonite.com))
PRC - C:\windows\system32\hasplms.exe (Aladdin Knowledge Systems Ltd.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\windows\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com)
PRC - C:\windows\Explorer.EXE (Microsoft Corporation)
PRC - C:\windows\Mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe ()
PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
PRC - C:\Program Files\AVG\AVG8\Identity Protection\agent\bin\AVGIDSUI.exe (AVG)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe (Silicon Image, Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgam.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgscanx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\PayPal\PayPal Plug-In\RBroker.exe ()
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\Jonathan\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgfws8 [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgfws8.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent [Auto | Stopped]) -- C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSAgent.exe (AVG)
SRV - (AVGIDSWatcher [Auto | Running]) -- C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSWatcher.exe (AVG)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (CarboniteService [Auto | Running]) -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe (Carbonite, Inc. (www.carbonite.com))
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (hasplms [Auto | Running]) -- C:\windows\system32\hasplms.exe (Aladdin Knowledge Systems Ltd.)
SRV - (helpsvc [Auto | Running]) -- C:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\windows\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (sp_rssrv [Auto | Running]) -- C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com)
SRV - (StumbleUponUpdateService [On_Demand | Stopped]) -- C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe (stumbleupon.com)
SRV - (Viewpoint Manager Service [Auto | Stopped]) -- File not found
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (61883 [On_Demand | Stopped]) -- C:\windows\System32\DRIVERS\61883.sys (Microsoft Corporation)
DRV - (aksfridge [Auto | Running]) -- C:\windows\system32\DRIVERS\aksfridge.sys (Aladdin Knowledge Systems Ltd.)
DRV - (akshasp [On_Demand | Running]) -- C:\windows\system32\DRIVERS\akshasp.sys (Aladdin Knowledge Systems Ltd.)
DRV - (akshhl [On_Demand | Running]) -- C:\windows\system32\DRIVERS\akshhl.sys (Aladdin Knowledge Systems Ltd.)
DRV - (aksusb [On_Demand | Running]) -- C:\windows\system32\DRIVERS\aksusb.sys (Aladdin Knowledge Systems Ltd.)
DRV - (ASPI32 [Auto | Running]) -- C:\windows\System32\drivers\aspi32.sys (Adaptec)
DRV - (Avc [On_Demand | Stopped]) -- C:\windows\System32\DRIVERS\avc.sys (Microsoft Corporation)
DRV - (Avgfwdx [On_Demand | Running]) -- C:\windows\system32\DRIVERS\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwfd [On_Demand | Stopped]) -- C:\windows\system32\DRIVERS\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriver [On_Demand | Running]) -- C:\Program Files\AVG\AVG8\Identity Protection\agent\driver\platform_XP\AVGIDSDriver.sys (AVG Technologies )
DRV - (AVGIDSErHr [Boot | Running]) -- C:\windows\System32\Drivers\AVGIDSErHr.sys (AVG Technologies )
DRV - (AVGIDSFilter [On_Demand | Running]) -- C:\Program Files\AVG\AVG8\Identity Protection\agent\driver\platform_XP\AVGIDSFilter.sys (AVG Technologies )
DRV - (AVGIDSShim [On_Demand | Running]) -- C:\Program Files\AVG\AVG8\Identity Protection\agent\driver\platform_XP\AVGIDSShim.sys (AVG Technologies )
DRV - (AvgLdx86 [System | Running]) -- C:\windows\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\windows\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgRkx86 [Boot | Running]) -- C:\windows\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX [System | Running]) -- C:\windows\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (BANTExt [System | Running]) -- C:\windows\System32\Drivers\BANTExt.sys ()
DRV - (cmpci [On_Demand | Running]) -- C:\windows\system32\drivers\cmaudio.sys (C-Media Inc)
DRV - (dalwdmservice [On_Demand | Running]) -- C:\windows\system32\drivers\dalwdm.sys (Digidesign, A Division of Avid Technology, Inc.)
DRV - (DigiFilter [Boot | Running]) -- C:\WINDOWS\system32\drivers\DigiFilter.sys (Digidesign, A Division of Avid Technology, Inc.)
DRV - (E1000 [On_Demand | Running]) -- C:\windows\System32\DRIVERS\e1000325.sys (Intel Corporation)
DRV - (gameenum [On_Demand | Running]) -- C:\windows\System32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\windows\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (hardlock [Auto | Running]) -- C:\windows\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - (iLokDrvr [On_Demand | Stopped]) -- C:\windows\System32\DRIVERS\iLokDrvr.sys ()
DRV - (ITESCR2K [On_Demand | Running]) -- C:\windows\System32\DRIVERS\itescr2k.sys (Windows ® 2000 DDK provider)
DRV - (itsernum [On_Demand | Running]) -- C:\windows\System32\DRIVERS\itsernum.sys (Windows ® 2000 DDK provider)
DRV - (MSDV [On_Demand | Stopped]) -- C:\windows\System32\DRIVERS\msdv.sys (Microsoft Corporation)
DRV - (nv [On_Demand | Running]) -- C:\windows\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\windows\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\windows\System32\DRIVERS\PxHelp20.sys (Sonic Solutions)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\windows\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SI3112 [Boot | Running]) -- C:\windows\system32\DRIVERS\SI3112.sys (Silicon Image, Inc)
DRV - (SiFilter [Boot | Running]) -- C:\windows\system32\DRIVERS\SiWinAcc.sys (Silicon Image, Inc)
DRV - (SiRemFil [Boot | Running]) -- C:\windows\system32\DRIVERS\SiRemFil.sys (Silicon Image, Inc)
DRV - (sptd [Boot | Running]) -- C:\windows\System32\Drivers\sptd.sys ()
DRV - (sp_rsdrv2 [System | Running]) -- C:\windows\system32\drivers\sp_rsdrv2.sys ()
DRV - (TPkd [Boot | Running]) -- C:\windows\System32\drivers\TPkd.sys (PACE Anti-Piracy, Inc.)
DRV - (XIRLINK [On_Demand | Stopped]) -- C:\windows\System32\DRIVERS\C-itnt.sys (Xirlink, Inc)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}:6.0.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071303000006
FF - prefs.js..extensions.enabledItems: paypalfirefoxplugin@orbiscom:2.2.19.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - user.js..browser.search.openintab: false

FF - HKLM\software\mozilla\Firefox\Extensions\\paypalfirefoxplugin@orbiscom: C:\PROGRAM FILES\PAYPAL\PAYPAL PLUG-IN
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/04/27 06:10:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/16 15:51:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/06 23:52:10 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/06 23:52:09 | 00,000,000 | ---D | M]

[2008/09/11 14:33:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan\Application Data\mozilla\Extensions
[2008/09/11 14:33:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/19 21:12:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan\Application Data\mozilla\Firefox\Profiles\y6253gpo.default\extensions
[2009/05/01 22:58:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan\Application Data\mozilla\Firefox\Profiles\y6253gpo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/03/28 02:33:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan\Application Data\mozilla\Firefox\Profiles\y6253gpo.default\extensions\[email protected]
[2009/05/19 21:12:46 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/29 21:06:55 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/05/07 11:29:30 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[2007/08/04 17:27:51 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007/10/28 20:31:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/03/22 01:26:35 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/10/28 09:30:58 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/03/16 15:51:58 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/04/29 21:06:47 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/29 21:06:47 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/09/11 14:33:19 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/09/11 14:33:19 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/09/11 14:33:19 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/11/14 22:30:48 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/09/11 14:33:19 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/09/11 14:33:19 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/09/11 14:33:20 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - C:\windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (StumbleUpon Launcher) - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (OToolbarHelper Class) - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll ()
O3 - HKLM\..\Toolbar: (StumbleUpon Toolbar) - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O3 - HKLM\..\Toolbar: (PayPal Plug-In) - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\Identity Protection\agent\bin\AVGIDSUI.exe" (AVG)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [C-Media Mixer] Mixer.exe /startup (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NexusServer] "C:\Program Files\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch ()
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" (Crawler.com)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SATARaid.lnk = C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe (Silicon Image, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: scout.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: stumbleupon.com ([]* in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/viewers/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnote...ad/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll (Installation Support)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1163118646093 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.c.../cpcScanner.cab (Crucial cpcScan)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\windows\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/11/08 16:33:43 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[3 C:\windows\*.tmp files]
[2009/05/18 22:31:32 | 00,000,000 | ---D | C] -- C:\ToolBar SD
[2009/05/18 22:30:14 | 00,343,017 | ---- | C] () -- C:\Documents and Settings\Jonathan\Desktop\ToolBarSD.exe
[2009/05/18 05:07:27 | 00,000,000 | ---D | C] -- C:\Program Files\WhatsRunning
[2009/05/18 05:06:21 | 01,156,884 | ---- | C] (WhatsRunning.net ) -- C:\Documents and Settings\Jonathan\Desktop\WhatsRunning2_2_Setup.exe
[2009/05/18 05:02:50 | 00,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2009/05/18 05:00:54 | 04,179,293 | ---- | C] (Lavalys, Inc. ) -- C:\Documents and Settings\Jonathan\Desktop\everesthome220.exe
[2009/05/14 20:59:03 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/05/14 20:54:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jonathan\Desktop\log
[2009/05/14 18:20:43 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jonathan\Desktop\OTListIt2.exe
[2009/05/14 08:26:04 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/13 23:37:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jonathan\Application Data\Malwarebytes
[2009/05/13 23:37:06 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2009/05/13 23:37:02 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2009/05/13 23:36:59 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/13 23:36:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/13 23:26:17 | 00,000,000 | ---D | C] -- C:\windows\ERDNT
[2009/05/13 23:25:26 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/05/13 19:46:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jonathan\Desktop\shack
[2009/05/12 18:39:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2009/05/06 23:55:00 | 00,202,072 | R--- | C] (Coupons, Inc.) -- C:\windows\System32\cpnprt2.cid
[2009/05/06 23:52:11 | 00,000,000 | ---D | C] -- C:\windows\Cache
[2009/05/06 23:33:39 | 00,000,000 | ---D | C] -- C:\Program Files\Coupons
[2009/05/06 06:24:08 | 00,000,332 | ---- | C] () -- C:\windows\System32\BIN_STRSBW.SPT
[2009/05/05 19:39:35 | 00,000,150 | ---- | C] () -- C:\windows\System32\spupdsvc.inf
[2009/05/05 19:33:42 | 00,001,355 | ---- | C] () -- C:\windows\imsins.BAK
[2009/05/03 10:09:11 | 00,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2009/05/03 09:20:44 | 00,000,000 | ---D | C] -- C:\Program Files\WinClamAVShield
[2009/05/03 09:15:28 | 00,142,592 | ---- | C] () -- C:\windows\System32\drivers\sp_rsdrv2.sys
[2009/05/03 09:15:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jonathan\Application Data\Spyware Terminator
[2009/05/03 09:15:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2009/05/03 09:15:16 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2009/05/03 09:09:06 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/05/03 08:53:00 | 00,223,232 | ---- | C] () -- C:\windows\System32\sqlite3.dll
[2009/05/03 08:52:52 | 00,217,088 | ---- | C] (Ascentive) -- C:\windows\System32\ConTest.dll
[2009/05/03 08:52:51 | 00,086,016 | ---- | C] () -- C:\windows\System32\SQLiteWrapper.dll
[2009/04/27 18:10:12 | 00,021,504 | ---- | C] () -- C:\Documents and Settings\Jonathan\My Documents\ubh notes template.doc
[2009/04/27 06:12:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jonathan\Application Data\AVG8
[2008/10/28 09:43:06 | 00,000,050 | ---- | C] () -- C:\windows\MegaManager.INI
[2008/09/19 16:57:34 | 03,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll
[2008/09/19 16:55:10 | 00,000,416 | ---- | C] () -- C:\windows\System32\dtu100.dll.manifest
[2008/09/19 16:55:10 | 00,000,416 | ---- | C] () -- C:\windows\System32\dpl100.dll.manifest
[2008/09/19 16:54:18 | 00,012,288 | ---- | C] () -- C:\windows\System32\DivXWMPExtType.dll
[2008/09/15 13:55:38 | 00,057,344 | R--- | C] () -- C:\windows\System32\pavedius.dll
[2008/09/11 17:12:47 | 00,120,320 | ---- | C] ( ) -- C:\windows\System32\LAGARITH.DLL
[2008/09/11 01:32:11 | 00,003,840 | ---- | C] () -- C:\windows\System32\drivers\BANTExt.sys
[2008/06/19 20:36:19 | 00,001,521 | ---- | C] () -- C:\windows\ScriptRC1.1.ini
[2008/06/19 20:36:19 | 00,000,000 | ---- | C] () -- C:\windows\ScriptVT1.1.ini
[2008/06/19 20:36:19 | 00,000,000 | ---- | C] () -- C:\windows\ScriptTG1.1.ini
[2008/03/11 23:26:56 | 00,000,151 | ---- | C] () -- C:\windows\PhotoSnapViewer.INI
[2008/03/04 17:23:27 | 00,176,235 | ---- | C] () -- C:\windows\System32\Primomonnt.dll
[2008/01/30 12:01:05 | 00,000,000 | ---- | C] () -- C:\windows\iPlayer.INI
[2008/01/07 02:34:09 | 00,000,726 | ---- | C] () -- C:\windows\bundle.ini
[2007/06/04 17:24:55 | 00,166,912 | ---- | C] () -- C:\windows\System32\Lame_enc.dll
[2007/06/04 17:16:23 | 00,000,067 | ---- | C] () -- C:\windows\AoADVDRipper.INI
[2007/06/04 17:16:14 | 00,139,264 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2007/05/13 17:29:48 | 00,682,232 | ---- | C] () -- C:\windows\System32\drivers\sptd.sys
[2007/03/15 02:16:56 | 00,000,037 | ---- | C] () -- C:\windows\ipixActivex.ini
[2007/02/17 00:36:31 | 00,000,000 | ---- | C] () -- C:\windows\LiveBilliardsDemo.INI
[2007/01/29 10:08:51 | 00,001,569 | ---- | C] () -- C:\windows\ScriptRC1.0.ini
[2007/01/09 04:49:44 | 00,000,116 | ---- | C] () -- C:\windows\NeroDigital.ini
[2006/12/05 01:29:18 | 00,002,048 | ---- | C] () -- C:\windows\System32\clauth2.dll
[2006/12/05 01:29:18 | 00,002,048 | ---- | C] () -- C:\windows\System32\clauth1.dll
[2006/12/05 01:29:18 | 00,001,025 | ---- | C] () -- C:\windows\System32\sysprs7.dll
[2006/12/05 01:29:18 | 00,000,205 | ---- | C] () -- C:\windows\System32\lsprst7.dll
[2006/12/05 01:29:18 | 00,000,073 | ---- | C] () -- C:\windows\System32\ssprs.dll
[2006/12/04 16:01:30 | 00,363,520 | ---- | C] () -- C:\windows\System32\psisdecd.dll
[2006/11/29 03:17:44 | 00,029,704 | ---- | C] () -- C:\windows\System32\drivers\iLokDrvr.sys
[2006/11/29 03:17:22 | 00,217,088 | R--- | C] () -- C:\windows\System32\qtmlClient.dll
[2006/11/29 03:17:22 | 00,003,478 | ---- | C] () -- C:\windows\System32\digicoin.dll
[2006/11/13 23:41:52 | 00,000,032 | ---- | C] () -- C:\windows\wininit.ini
[2006/11/09 14:45:19 | 01,703,936 | ---- | C] () -- C:\windows\System32\nvwdmcpl.dll
[2006/11/09 14:45:19 | 01,486,848 | ---- | C] () -- C:\windows\System32\nview.dll
[2006/11/09 14:45:19 | 01,019,904 | ---- | C] () -- C:\windows\System32\nvwimg.dll
[2006/11/09 14:45:19 | 00,573,440 | ---- | C] () -- C:\windows\System32\nvhwvid.dll
[2006/11/09 14:45:19 | 00,466,944 | ---- | C] () -- C:\windows\System32\nvshell.dll
[2006/11/09 14:45:19 | 00,286,720 | ---- | C] () -- C:\windows\System32\nvnt4cpl.dll
[2006/11/09 14:34:54 | 00,000,376 | ---- | C] () -- C:\windows\ODBC.INI
[2006/11/09 14:23:07 | 00,010,240 | ---- | C] () -- C:\windows\System32\vidx16.dll
[2006/11/09 14:22:54 | 00,000,202 | ---- | C] () -- C:\windows\CMISETUP.INI
[2006/11/09 14:15:07 | 00,004,333 | ---- | C] () -- C:\windows\mixerdef.ini
[2006/11/06 17:49:36 | 00,000,310 | ---- | C] () -- C:\windows\primopdf.ini
[2005/07/08 23:07:46 | 00,007,168 | ---- | C] () -- C:\windows\System32\dfscacm.dll
[2005/07/08 23:07:44 | 00,005,632 | ---- | C] () -- C:\windows\System32\dfsc.dll
[2003/03/31 07:00:00 | 00,000,648 | ---- | C] () -- C:\windows\win.ini
[2003/03/31 07:00:00 | 00,000,231 | ---- | C] () -- C:\windows\system.ini
[2003/02/11 09:58:50 | 00,126,976 | ---- | C] () -- C:\windows\System32\e1000msg.dll
[1999/12/31 20:27:52 | 00,386,560 | ---- | C] () -- C:\windows\System32\PaintX.dll
[1998/07/30 01:22:00 | 00,173,056 | ---- | C] () -- C:\windows\System32\EMUDLL.DLL

========== Files - Modified Within 30 Days ==========

[3 C:\windows\*.tmp files]
[2009/05/19 22:21:30 | 00,021,504 | ---- | M] () -- C:\Documents and Settings\Jonathan\My Documents\ubh notes template.doc
[2009/05/19 19:26:36 | 00,057,765 | ---- | M] () -- C:\windows\System32\drivers\Avg\microavi.avg
[2009/05/19 19:25:45 | 36,240,826 | ---- | M] () -- C:\windows\System32\drivers\Avg\incavi.avm
[2009/05/19 17:00:12 | 00,000,438 | ---- | M] () -- C:\windows\tasks\XoftSpySE 2.job
[2009/05/19 08:10:42 | 00,000,368 | ---- | M] () -- C:\windows\tasks\XoftSpySE.job
[2009/05/19 08:00:00 | 00,000,414 | ---- | M] () -- C:\windows\tasks\XoftSpy.job
[2009/05/18 22:30:30 | 00,343,017 | ---- | M] () -- C:\Documents and Settings\Jonathan\Desktop\ToolBarSD.exe
[2009/05/18 05:06:52 | 01,156,884 | ---- | M] (WhatsRunning.net ) -- C:\Documents and Settings\Jonathan\Desktop\WhatsRunning2_2_Setup.exe
[2009/05/18 05:01:34 | 04,179,293 | ---- | M] (Lavalys, Inc. ) -- C:\Documents and Settings\Jonathan\Desktop\everesthome220.exe
[2009/05/14 18:20:44 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jonathan\Desktop\OTListIt2.exe
[2009/05/14 08:17:17 | 00,195,601 | ---- | M] () -- C:\windows\System32\nvapps.xml
[2009/05/14 08:15:47 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Jonathan\Local Settings\desktop.ini
[2009/05/13 23:59:50 | 00,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2009/05/13 23:59:46 | 00,013,646 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2009/05/13 23:59:41 | 00,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2009/05/13 23:37:08 | 00,000,332 | ---- | M] () -- C:\windows\System32\BIN_STRSBW.SPT
[2009/05/13 07:56:06 | 00,000,284 | ---- | M] () -- C:\windows\tasks\AppleSoftwareUpdate.job
[2009/05/07 09:45:30 | 00,006,092 | ---- | M] () -- C:\Documents and Settings\Jonathan\Application Data\PrimoPDFSet.xml
[2009/05/06 23:55:09 | 00,202,072 | R--- | M] (Coupons, Inc.) -- C:\windows\System32\cpnprt2.cid
[2009/05/06 06:37:49 | 00,522,706 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2009/05/06 06:37:49 | 00,441,624 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2009/05/06 06:37:49 | 00,071,308 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2009/05/05 19:40:27 | 00,001,355 | ---- | M] () -- C:\windows\imsins.BAK
[2009/05/05 19:39:35 | 00,000,150 | ---- | M] () -- C:\windows\System32\spupdsvc.inf
[2009/05/03 09:15:28 | 00,142,592 | ---- | M] () -- C:\windows\System32\drivers\sp_rsdrv2.sys
[2009/04/26 09:39:18 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\avgrsstx.dll
[2009/04/26 09:39:17 | 00,325,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgldx86.sys
[2009/04/26 09:39:17 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgmfx86.sys
[2009/04/26 09:39:04 | 00,050,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\avgfwdx.dll
[2009/04/26 09:39:04 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgfwdx.sys
[2009/04/26 09:39:03 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgrkx86.sys
[2009/04/26 09:38:32 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgtdix.sys
< End of report >

#8
XmichouX

    Trusted Helper

  • Retired Staff
  • 1,292 posts
Hi,

1) Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

2) Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
  • Double-click the drweb-cureit.exe file and allow it to run the express scan.
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, in the menu, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.

Regards

#9
hoodleehoo

    Member

  • Topic Starter
  • 58 posts
I already ran the mb scan, I'll attach it here along with the drweb log I just ran.

Attached Files



#10
hoodleehoo

    Member

  • Topic Starter
  • 58 posts
Here's the drweb file

#11
XmichouX

    Trusted Helper

  • Retired Staff
  • 1,292 posts
Hi,

I don't see the DrWeb report :)

#12
hoodleehoo

    Member

  • Topic Starter
  • 58 posts
It won't let me upload that kind of file. Maybe this will work?

Attached Files



#13
XmichouX

    Trusted Helper

  • Retired Staff
  • 1,292 posts
Hi,

Mbam report is clean.
Please empty your Recycler.

Otherwise, you should do some housekeeping on your devices:

Please delete these folders if they are still present:

D:\Old_D_Backup\transferred\Local Disk (F)\old c drive\Program Files\Common Files\GMT
D:\Old_D_Backup\transferred\Local Disk (F)\program files\imesh

How is your PC running now?

Regards,

#14
hoodleehoo

    Member

  • Topic Starter
  • 58 posts
Still running pretty slow :) Still can't play most online videos and normal tasks sometimes take a long time.

#15
XmichouX

    Trusted Helper

  • Retired Staff
  • 1,292 posts
Hi,

It seems it's not malware-related. Is your PC powerful enough?

You have many programs that launch at startup and are useless (to launch at startup), and this takes resources.

You can use HijackThis to remove certain unnecessary items from your startup.

Click here to download HJTInstall.exe
  • Save HJTInstall.exe to your desktop.
  • Double-click on the HJTInstall.exe icon on your desktop.
  • By default it will install to C:\Program Files\Trend Micro\HijackThis.
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed, it will launch HijackThis.
  • Click Scan.
  • Put a check next to any of the items listed below if you feel you do not want them to be run automatically:

O4 - HKLM..\Run: [C-Media Mixer] Mixer.exe /startup (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.) Related to Apple's iTunes for Windows. Installed with Apple's iTunes for Windows.
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) Associated with "Nero Burning Rom" CD writing software. Checks for driver issues
O4 - HKLM..\Run: [NexusServer] "C:\Program Files\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch () Related to Canopus Co., Ltd. Canopus has the solution to help you create, purpose and deliver great video. Note: located in C:\Program Files\Common Files\Canopus Shared\ProCoder 2\Kernel\
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation) Also related to Nvidia
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation) System Tray icon used to manage settings for nVidia based graphics cards. May be required for some 3D applications to recognize your card correctly - such as the game "Everquest". Otherwise, settings can be changed manually via Display Properties
O4 - HKLM..\Run: [nwiz] nwiz.exe /install () Associated with the newer versions of nVidia graphics cards drivers. Allows you to immensely improve desktop layouts by setting preferences and optimizations. However, this isn't necessary for the operation of your system
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.) System Tray access to Apple's "Quick Time" viewer from version 5 onwards
O4 - HKLM..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" (Crawler.com) You already have a resident AV; it is useless to also have a resident antispyware.
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background (Microsoft Corporation) Launches MSN Messenger at startup
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) Related to Microsoft Office


Now close all windows other than HijackThis, then click Fix Checked. Close HijackThis.

Now, reboot your PC. Is it better?

Regards,

Edited by XmichouX, 23 May 2009 - 02:14 AM.
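
An added example, not part of the thread and not code from any tool mentioned in it: a small Python parser for the `O4` startup lines listed in the post above, splitting each line into location, value name, program and publisher and marking the ones worth a closer look before deciding whether to keep them. The sample lines are constructed from that list with the remarks removed, and the three flag rules are this example's own assumptions.

```python
import re

# Constructed sample in the O4 startup-line format quoted in the post above
# (remarks stripped; entries taken from that list).
SAMPLE = r'''
O4 - HKLM..\Run: [C-Media Mixer] Mixer.exe /startup (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
'''

# "O4 - <location>: <entry> (<publisher>)"; the publisher may hold one nested "(...)".
LINE = re.compile(r'^O4 - (?P<loc>[^:]+): (?P<entry>.*?) ?\((?P<pub>(?:[^()]|\([^()]*\))*)\)$')

def parse(line):
    m = LINE.match(line.strip())
    if not m:
        return None
    loc, entry, pub = m.group('loc', 'entry', 'pub')
    if loc == 'Startup':
        name, _, cmd = entry.partition(' = ')      # shortcut = target
    else:
        name, _, cmd = entry.partition('] ')       # [value name] command line
        name = name.lstrip('[')
    # Program that actually starts: a quoted path, or the text up to the first ".exe".
    exe = re.match(r'"([^"]+)"|(.+?\.exe)\b', cmd, re.I)
    image = (exe.group(1) or exe.group(2)) if exe else cmd
    flags = []
    if not pub.strip():
        flags.append('no publisher string')
    if not re.match(r'[A-Za-z]:\\', image):
        # A bare file name is resolved through the search path; confirm which file it is.
        flags.append('no absolute path')
    if image.lower().startswith('rundll32'):
        # rundll32 is only the host; the DLL argument is the code that runs.
        flags.append('rundll32 host: ' + cmd[len(image):].split(',')[0].strip())
    return {'location': loc, 'name': name, 'image': image, 'publisher': pub, 'flags': flags}

def triage(text):
    return [e for e in map(parse, text.splitlines()) if e]

if __name__ == '__main__':
    for e in triage(SAMPLE):
        print(f"{e['location']:<11} {e['name'][:30]:<30} {', '.join(e['flags']) or 'ok'}")
```

A flag here means "check the file on disk before deciding", not that the entry is malicious.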
