
CID pop ups and Computer running extremely slow [Solved]


  • This topic is locked

#1
Mrsmoose


  • Member
  • 82 posts
Hi,

My computer has been running extremely slow. I've been getting CID pop-ups as well as other pop-up screens. My Outlook keeps popping up the login screen and giving me errors. I ran a HijackThis scan and included it below. Can you please help me?




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:43:13 PM, on 2/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Picaboo\Picaboo\PicabooMain.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: 209.226.48.180 remote.tadh.com #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 209.226.48.180 remote #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar2.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [TEAM DASH] C:\DOCUME~1\BRIGIT~1\APPLIC~1\CHINDA~1\itchbows.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O4 - Startup: Picaboo.lnk = C:\Program Files\Picaboo\Picaboo\PicabooMain.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com...llerControl.cab
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} (ScrabbleCubes Control) - http://www.worldwinn...rabblecubes.cab
O16 - DPF: {038E2507-7A48-41E2-94AD-7F23D199AF4E} (ZenGems Control) - http://www.worldwinn...ems/zengems.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} (SkillGam Control) - http://www.worldwinn...am/skillgam.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewi...oOnlineScan.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinn...GamesLoader.cab
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} (TPIR Control) - http://www.worldwinn...0/tpir/tpir.cab
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} (F5 Networks VPN Manager) - https://remote.tadh....,2007,1001,2147
O16 - DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} (Brickout Control) - http://www.worldwinn...ut/brickout.cab
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/...erInstaller.CAB
O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - http://www.symantec....46/nprdtinf.cab
O16 - DPF: {41D1977F-4161-4720-800F-EA4903983A38} (Jigsaw Genius Control) - http://www.worldwinn...gsaw/jigsaw.cab
O16 - DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} (SolitaireRush Control) - http://www.worldwinn...litairerush.cab
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - C:\DOCUME~1\BRIGIT~1\LOCALS~1\Temp\IXP000.TMP\InstallerControl.cab
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} (BJA Control) - http://www.worldwinn...jattack/bja.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.updat...b?1223604690703
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onec...lscbase8300.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinn...d/bejeweled.cab
O16 - DPF: {61900274-3323-4446-BDCD-91548D32AF1B} (SpiderSolitaire Control) - http://www.worldwinn...ersolitaire.cab
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} (Blockwerx Control) - http://www.worldwinn...x/blockwerx.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1173661450130
O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} (F5 Networks SSLTunnel) - https://remote.tadh....,2007,1001,2136
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} (FreeCell Control) - http://www.worldwinn...ll/freecell.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/...mjolauncher.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinn...ed/wwlaunch.cab
O16 - DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} (SpinTop Games Launcher) - http://download-game...mesLauncher.cab
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} (WordMojo Control) - http://www.worldwinn...jo/wordmojo.cab
O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} (Cubis Control) - http://www.worldwinn...cubis/cubis.cab
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} (WoF Control) - http://www.worldwinn...v57/wof/wof.cab
O16 - DPF: {A5A76EA0-7B92-4707-9DBF-6F6FE56A6800} (Pure Networks Security Scan) - http://scan.networkm...-ship-WD.V1.cab
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} (WwLuxor Control) - http://www.worldwinn...luxor/luxor.cab
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} (SwapIt Control) - http://www.worldwinn...apit/swapit.cab
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} (Hangman Control) - http://www.worldwinn...man/hangman.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} (Tilecity Control) - http://www.worldwinn...ty/tilecity.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://www.gamehouse...zylomplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} (DinerDash Control) - http://www.worldwinn...h/dinerdash.cab
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} (Paint Control) - http://www.worldwinn...paint/paint.cab
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - https://remote.tadh....,2007,1001,2141
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinn.../familyfeud.cab
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://remote.tadh....,2007,1001,2140
O16 - DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} (GolfSol Control) - http://www.worldwinn...sol/golfsol.cab
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://walmart.pnime...upv2.0.0.10.cab?
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logme...ivex/RACtrl.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = tadh.local,tadh.com,dsl.nt.net
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = tadh.local,tadh.com,dsl.nt.net
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate1c942cb99999b29) (gupdate1c942cb99999b29) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe

--
End of file - 19543 bytes


#2
handhfan


    Trusted Helper

  • Expert
  • 13,659 posts
Hello, Mrsmoose, and welcome to GeeksToGo!

Disable resident protections (Antivirus...); you'll re-enable them after the scan

Download Lop S&D here

Double-click Lop S&D.exe
Choose the language, then choose Option 1 (Search)
Wait till the end of the scan
Post the log that is created (%SystemDrive%\lopR.txt)

#3
Mrsmoose


  • Topic Starter
  • Member
  • 82 posts
Here is the Lop S&D scan:


--------------------\\ Lop S&D 4.2.4-6 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.06GHz )
BIOS : BIOS Date: 04/28/06 22:26:19 Ver: 08.00.10
USER : Brigitte Mousseau ( Administrator )
BOOT : Normal boot
Antivirus : AVG Internet Security 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total : 184 Go Free : 146 Go
D:\ (USB)
F:\ (CD or DVD) - CDFS - Total : 1 Go Free : 0 Go
I:\ (USB)
J:\ (USB)
K:\ (USB)

"C:\Lop SD" ( MAJ : 20-10-2008|20:35 )
Option : [1] ( Fri 02/13/2009| 7:16 )

--------------------\\ Listing folders in APPLIC~1

[11/21/2008|06:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> {3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[02/01/2009|04:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> {83C91755-2546-441D-AC40-9A6B4B860800}
[11/08/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[11/08/2008|09:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> agi
[05/18/2006|11:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ahead
[12/27/2007|06:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
[03/18/2007|09:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[02/07/2009|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ascentive
[02/01/2009|04:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> avg8
[02/08/2009|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Book Slow Axis Web
[05/18/2006|11:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CyberLink
[09/08/2008|03:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FunGames
[02/10/2009|05:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[02/12/2009|06:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google Updater
[06/05/2008|05:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Grisoft
[01/20/2009|07:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Hewlett-Packard
[12/21/2008|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Kodak
[09/04/2008|09:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Lavasoft
[01/10/2009|08:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> LogMeIn
[10/26/2008|07:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
[11/23/2008|05:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Messenger Plus!
[12/20/2008|03:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[05/28/2008|04:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> MumboJumbo
[04/29/2007|06:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Office Genuine Advantage
[10/09/2008|08:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PC Drivers Headquarters
[07/11/2007|09:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PC Tools
[12/30/2008|01:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pure Networks
[11/03/2008|04:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SITEguard
[03/31/2008|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Skype
[12/18/2008|04:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
[11/03/2008|03:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> STOPzilla!
[10/20/2008|05:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SUPERAntiSpyware.com
[10/21/2008|06:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[06/05/2008|06:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[03/12/2007|04:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[03/19/2007|04:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Live Toolbar
[10/18/2008|09:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WLInstaller
[04/21/2008|08:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Zylom

[12/26/2008|09:51] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> .wyzo
[01/11/2009|09:39] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Adobe
[01/11/2009|09:40] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> AdobeAUM
[01/11/2009|09:40] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> AdobeUM
[11/08/2008|09:01] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> agi
[06/08/2007|05:34] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Ahead
[01/07/2009|07:22] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Apple Computer
[06/24/2008|09:04] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> AVGTOOLBAR
[02/08/2009|11:21] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> chin data
[05/18/2006|10:58] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> CyberLink
[06/05/2008|05:57] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> EA
[04/03/2007|05:52] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> FileMaker
[02/07/2009|11:29] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> FrostWire
[03/15/2007|08:36] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Google
[10/01/2007|06:40] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Help
[11/07/2008|10:23] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> HiYo
[04/20/2008|05:01] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> ICAClient
[05/18/2006|09:40] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Identities
[10/18/2008|02:47] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> InstallShield
[05/07/2007|09:21] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Lavasoft
[05/11/2007|03:41] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Leadertech
[12/26/2008|10:30] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> LimeWire
[10/16/2008|05:55] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Macromedia
[10/26/2008|07:35] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Malwarebytes
[11/23/2008|05:29] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Microsoft
[06/14/2007|09:07] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Mozilla
[05/23/2007|04:12] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> PC Tools
[01/22/2009|09:50] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Picaboo
[12/13/2008|08:44] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Pogo Games
[05/18/2006|11:23] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> SampleView
[04/09/2007|06:53] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Serif
[05/13/2007|11:19] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Simple Star
[02/26/2008|04:22] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Snapfish
[03/15/2007|03:15] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Sun
[06/14/2007|09:07] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Talkback
[02/11/2009|06:32] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> U3
[02/08/2009|02:32] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Uniblue
[12/06/2008|11:02] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Windows Desktop Search
[12/21/2008|12:12] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Windows Search
[05/23/2007|03:32] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> WinPatrol

[05/18/2006|11:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Adobe
[05/18/2006|10:56] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Ahead
[05/18/2006|10:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> CyberLink
[05/18/2006|09:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[05/18/2006|11:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[05/18/2006|11:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> SampleView

[03/22/2008|02:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Adobe
[11/07/2008|09:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> agi
[10/01/2007|06:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Google
[02/01/2009|04:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft

[10/16/2008|08:57] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Adobe
[10/16/2008|08:57] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Macromedia
[02/01/2009|04:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft

[05/18/2006|11:14] C:\DOCUME~1\Richard\APPLIC~1\<DIR> Adobe
[05/18/2006|10:56] C:\DOCUME~1\Richard\APPLIC~1\<DIR> Ahead
[05/18/2006|10:58] C:\DOCUME~1\Richard\APPLIC~1\<DIR> CyberLink
[05/18/2006|09:40] C:\DOCUME~1\Richard\APPLIC~1\<DIR> Identities
[06/11/2008|04:22] C:\DOCUME~1\Richard\APPLIC~1\<DIR> Microsoft
[05/18/2006|11:23] C:\DOCUME~1\Richard\APPLIC~1\<DIR> SampleView

[05/18/2006|11:14] C:\DOCUME~1\RICHAR~1\APPLIC~1\<DIR> Adobe
[05/18/2006|10:56] C:\DOCUME~1\RICHAR~1\APPLIC~1\<DIR> Ahead
[05/18/2006|10:58] C:\DOCUME~1\RICHAR~1\APPLIC~1\<DIR> CyberLink
[03/15/2007|04:36] C:\DOCUME~1\RICHAR~1\APPLIC~1\<DIR> Google
[05/18/2006|09:40] C:\DOCUME~1\RICHAR~1\APPLIC~1\<DIR> Identities
[02/01/2009|04:21] C:\DOCUME~1\RICHAR~1\APPLIC~1\<DIR> Microsoft
[05/18/2006|11:23] C:\DOCUME~1\RICHAR~1\APPLIC~1\<DIR> SampleView
[06/13/2007|04:43] C:\DOCUME~1\RICHAR~1\APPLIC~1\<DIR> WinPatrol

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[02/09/2009 04:43 PM][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[02/08/2009 07:46 PM][--a------] C:\WINDOWS\tasks\At2.job
[02/11/2009 08:31 PM][--a------] C:\WINDOWS\tasks\At1.job
[02/13/2009 05:58 AM][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[02/13/2009 01:43 AM][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{44EA20FA-7DE0-4E79-A704-B5FE68457FC8}.job
[02/09/2009 06:42 PM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[02/13/2009 07:00 AM][--a------] C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[02/12/2009 03:47 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/04/2004 02:00 PM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Program Files

[11/08/2008|11:02] C:\Program Files\<DIR> Adobe
[05/23/2007|03:33] C:\Program Files\<DIR> Ahead
[05/17/2007|09:05] C:\Program Files\<DIR> Alwil Software
[09/29/2008|02:00] C:\Program Files\<DIR> Apple Software Update
[02/07/2009|11:24] C:\Program Files\<DIR> AskBarDis
[06/14/2007|09:43] C:\Program Files\<DIR> AV Music Morpher
[06/05/2008|05:18] C:\Program Files\<DIR> AVG
[05/07/2007|09:29] C:\Program Files\<DIR> BillP Studios
[09/24/2008|11:21] C:\Program Files\<DIR> Bonjour
[02/08/2009|11:20] C:\Program Files\<DIR> chin data
[03/31/2008|09:52] C:\Program Files\<DIR> Citrix
[10/21/2008|03:36] C:\Program Files\<DIR> CleanUp!
[12/06/2008|10:12] C:\Program Files\<DIR> Common Files
[05/18/2006|09:32] C:\Program Files\<DIR> ComPlus Applications
[12/06/2008|10:54] C:\Program Files\<DIR> CONEXANT
[02/08/2009|11:19] C:\Program Files\<DIR> Crcle Developement
[05/18/2006|11:22] C:\Program Files\<DIR> CyberLink
[03/02/2008|03:54] C:\Program Files\<DIR> FontFrenzy
[02/07/2009|10:51] C:\Program Files\<DIR> FrostWire
[02/11/2009|10:41] C:\Program Files\<DIR> Google
[04/26/2007|06:27] C:\Program Files\<DIR> Grisoft
[04/26/2007|01:02] C:\Program Files\<DIR> HELP
[02/07/2009|11:19] C:\Program Files\<DIR> InstallShield Installation Information
[05/18/2006|10:06] C:\Program Files\<DIR> Intel
[02/11/2009|02:32] C:\Program Files\<DIR> Internet Explorer
[11/21/2008|06:20] C:\Program Files\<DIR> iPod
[11/21/2008|06:20] C:\Program Files\<DIR> iTunes
[12/21/2008|12:11] C:\Program Files\<DIR> Java
[09/04/2008|09:15] C:\Program Files\<DIR> Lavasoft
[01/04/2009|10:48] C:\Program Files\<DIR> LimeWire
[12/20/2008|11:26] C:\Program Files\<DIR> Linksys Wireless-G PCI Wireless Network Monitor
[10/24/2008|07:48] C:\Program Files\<DIR> LiveFTA
[02/12/2009|09:44] C:\Program Files\<DIR> LogMeIn
[01/08/2008|05:50] C:\Program Files\<DIR> Mah Jong Quest II
[01/08/2008|09:14] C:\Program Files\<DIR> Mahjongg Artifacts Chapter 2
[02/11/2009|07:27] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[09/04/2008|07:31] C:\Program Files\<DIR> Messenger
[02/08/2009|11:18] C:\Program Files\<DIR> Messenger Plus! Live
[05/23/2007|03:34] C:\Program Files\<DIR> Microsoft ActiveSync
[05/23/2007|03:32] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[05/18/2006|09:35] C:\Program Files\<DIR> microsoft frontpage
[11/29/2008|08:13] C:\Program Files\<DIR> Microsoft Games
[03/12/2007|05:29] C:\Program Files\<DIR> Microsoft Office
[10/20/2008|02:30] C:\Program Files\<DIR> Microsoft Silverlight
[10/18/2008|10:11] C:\Program Files\<DIR> Microsoft SQL Server Compact Edition
[09/04/2008|07:26] C:\Program Files\<DIR> Movie Maker
[09/07/2007|07:20] C:\Program Files\<DIR> Mozilla Firefox
[10/24/2007|06:59] C:\Program Files\<DIR> MSN
[02/17/2008|01:22] C:\Program Files\<DIR> MSN Games
[05/18/2006|09:31] C:\Program Files\<DIR> MSN Gaming Zone
[04/04/2007|06:16] C:\Program Files\<DIR> MSXML 4.0
[05/14/2007|09:53] C:\Program Files\<DIR> MTV Networks
[05/23/2007|03:33] C:\Program Files\<DIR> Nero
[09/04/2008|07:22] C:\Program Files\<DIR> NetMeeting
[06/18/2008|05:19] C:\Program Files\<DIR> Oberon Media
[05/18/2006|09:34] C:\Program Files\<DIR> Online Services
[09/04/2008|07:22] C:\Program Files\<DIR> Outlook Express
[05/24/2007|03:03] C:\Program Files\<DIR> Photo Toolkit
[05/23/2007|03:32] C:\Program Files\<DIR> PhotoFiltre
[01/22/2009|09:49] C:\Program Files\<DIR> Picaboo
[10/09/2008|02:44] C:\Program Files\<DIR> Picasa2
[01/10/2009|08:27] C:\Program Files\<DIR> Pure Networks
[11/21/2008|06:16] C:\Program Files\<DIR> QuickTime
[03/12/2008|06:32] C:\Program Files\<DIR> Real
[05/18/2006|10:16] C:\Program Files\<DIR> Realtek AC97
[01/07/2008|10:14] C:\Program Files\<DIR> ReflexiveArcade
[02/19/2008|06:19] C:\Program Files\<DIR> Registry Mechanic
[12/01/2008|09:57] C:\Program Files\<DIR> Safari
[04/09/2007|06:53] C:\Program Files\<DIR> Serif
[03/31/2008|08:33] C:\Program Files\<DIR> Skype
[12/18/2008|02:08] C:\Program Files\<DIR> Spybot - Search & Destroy
[06/23/2008|06:10] C:\Program Files\<DIR> Sun
[12/13/2008|07:28] C:\Program Files\<DIR> SUPERAntiSpyware
[04/26/2007|01:02] C:\Program Files\<DIR> SYS
[12/26/2007|07:02] C:\Program Files\<DIR> Trend Micro
[05/18/2006|09:39] C:\Program Files\<DIR> Uninstall Information
[04/26/2007|01:02] C:\Program Files\<DIR> Vista32
[04/26/2007|01:02] C:\Program Files\<DIR> Vista64
[04/26/2007|01:02] C:\Program Files\<DIR> W2k
[12/06/2008|11:01] C:\Program Files\<DIR> Windows Desktop Search
[10/20/2008|06:47] C:\Program Files\<DIR> Windows Live
[11/30/2007|03:03] C:\Program Files\<DIR> Windows Live Favorites
[09/07/2007|08:30] C:\Program Files\<DIR> Windows Live Safety Center
[06/17/2008|08:27] C:\Program Files\<DIR> Windows Live Toolbar
[03/19/2007|06:52] C:\Program Files\<DIR> Windows Media Connect 2
[12/02/2008|08:36] C:\Program Files\<DIR> Windows Media Player
[09/04/2008|07:22] C:\Program Files\<DIR> Windows NT
[05/18/2006|09:34] C:\Program Files\<DIR> WindowsUpdate
[08/06/2007|08:07] C:\Program Files\<DIR> WinRAR
[05/18/2006|09:35] C:\Program Files\<DIR> xerox
[04/26/2007|01:02] C:\Program Files\<DIR> XP
[12/28/2008|08:33] C:\Program Files\<DIR> Zapu

--------------------\\ Listing Folders in C:\Program Files\Common Files

[11/08/2008|11:02] C:\Program Files\Common Files\<DIR> Adobe
[05/23/2007|03:32] C:\Program Files\Common Files\<DIR> Ahead
[11/21/2008|06:20] C:\Program Files\Common Files\<DIR> Apple
[05/23/2007|03:34] C:\Program Files\Common Files\<DIR> DESIGNER
[10/09/2008|09:07] C:\Program Files\Common Files\<DIR> InstallShield
[11/01/2008|05:19] C:\Program Files\Common Files\<DIR> iS3
[06/17/2008|02:22] C:\Program Files\Common Files\<DIR> Java
[05/23/2006|01:26] C:\Program Files\Common Files\<DIR> LightScribe
[10/18/2008|09:45] C:\Program Files\Common Files\<DIR> Microsoft Shared
[05/18/2006|09:33] C:\Program Files\Common Files\<DIR> MSSoap
[05/23/2006|01:23] C:\Program Files\Common Files\<DIR> Nero
[05/18/2006|05:26] C:\Program Files\Common Files\<DIR> ODBC
[12/30/2008|07:44] C:\Program Files\Common Files\<DIR> Pure Networks Shared
[03/31/2008|08:36] C:\Program Files\Common Files\<DIR> Real
[05/23/2006|09:32] C:\Program Files\Common Files\<DIR> Services
[05/18/2006|05:26] C:\Program Files\Common Files\<DIR> SpeechEngines
[11/23/2008|07:47] C:\Program Files\Common Files\<DIR> Symantec Shared
[09/04/2008|07:22] C:\Program Files\Common Files\<DIR> System
[10/18/2008|09:44] C:\Program Files\Common Files\<DIR> WindowsLiveInstaller
[02/01/2009|04:38] C:\Program Files\Common Files\<DIR> Wise Installation Wizard

--------------------\\ Process

( 62 Processes )

IEXPLORE.EXE ~ [PID:2716]
IEXPLORE.EXE ~ [PID:3816]
iexplore.exe ~ [PID:4912]
iexplore.exe ~ [PID:5800]

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Book Slow Axis Web
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Book Slow Axis Web\bore heck.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Book Slow Axis Web\bore heck.exe
C:\DOCUME~1\BRIGIT~1\LOCALS~1\Temp\nsl19CD.tmp
C:\DOCUME~1\BRIGIT~1\Cookies\brigitte_mousseau@32vegas[2].txt
C:\DOCUME~1\BRIGIT~1\Cookies\[email protected][2].txt
C:\DOCUME~1\BRIGIT~1\Cookies\[email protected][1].txt

--------------------\\ Searching within the Registry

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-13 07:17:55
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 225

--------------------\\ Searching for other infections

C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At2.job

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\BRIGIT~1\Local Settings\Application Data\pogo games\WorldWinner\Cubis\crack.wav
C:\DOCUME~1\BRIGIT~1\Local Settings\Application Data\pogo games\WorldWinner\ZenGems\rock-crack.ogg


[F:207][D:48]-> C:\DOCUME~1\BRIGIT~1\LOCALS~1\Temp
[F:74][D:0]-> C:\DOCUME~1\BRIGIT~1\Cookies
[F:3256][D:13]-> C:\DOCUME~1\BRIGIT~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Tue 10/21/2008|20:11 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - Fri 10/24/2008|21:40 - Option : [3]
3 - "C:\Lop SD\LopR_3.txt" - Fri 02/13/2009| 7:20 - Option : [1]

--------------------\\ Scan completed at 7:20:10

#4
handhfan

Disable resident protections (Antivirus...); you'll re-enable them after the scan

Download Lop S&D here

Double-click Lop S&D.exe
Choose the language, then choose Option 3 (Fix - Hosts)
Wait till the end of the scan
Post the log which is created: (%SystemDrive%\lopR.txt)

#5
Mrsmoose

--------------------\\ Lop S&D 4.2.4-6 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.06GHz )
BIOS : BIOS Date: 04/28/06 22:26:19 Ver: 08.00.10
USER : Brigitte Mousseau ( Administrator )
BOOT : Normal boot
Antivirus : AVG Internet Security 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total : 184 Go Free : 146 Go
D:\ (USB)
F:\ (CD or DVD) - CDFS - Total : 1 Go Free : 0 Go
I:\ (USB)
J:\ (USB)
K:\ (USB)

"C:\Lop SD" ( MAJ : 20-10-2008|20:35 )
Option : [3] ( Fri 02/13/2009|13:33 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX

Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Book Slow Axis Web\bore heck.dat
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Book Slow Axis Web\bore heck.exe
Deleted! - C:\DOCUME~1\BRIGIT~1\LOCALS~1\Temp\nsl19CD.tmp
Deleted! - C:\DOCUME~1\BRIGIT~1\Cookies\brigitte_mousseau@32vegas[2].txt
Deleted! - C:\DOCUME~1\BRIGIT~1\Cookies\[email protected][2].txt
Deleted! - C:\DOCUME~1\BRIGIT~1\Cookies\[email protected][1].txt
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Book Slow Axis Web

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing folders in APPLIC~1

[11/21/2008|06:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> {3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[02/01/2009|04:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> {83C91755-2546-441D-AC40-9A6B4B860800}
[11/08/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[11/08/2008|09:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> agi
[05/18/2006|11:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ahead
[12/27/2007|06:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
[03/18/2007|09:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[02/07/2009|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ascentive
[02/01/2009|04:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> avg8
[05/18/2006|11:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CyberLink
[09/08/2008|03:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FunGames
[02/10/2009|05:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[02/12/2009|06:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google Updater
[06/05/2008|05:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Grisoft
[01/20/2009|07:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Hewlett-Packard
[12/21/2008|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Kodak
[09/04/2008|09:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Lavasoft
[01/10/2009|08:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> LogMeIn
[10/26/2008|07:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
[11/23/2008|05:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Messenger Plus!
[12/20/2008|03:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[05/28/2008|04:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> MumboJumbo
[04/29/2007|06:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Office Genuine Advantage
[10/09/2008|08:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PC Drivers Headquarters
[07/11/2007|09:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PC Tools
[12/30/2008|01:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pure Networks
[11/03/2008|04:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SITEguard
[03/31/2008|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Skype
[12/18/2008|04:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
[11/03/2008|03:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> STOPzilla!
[10/20/2008|05:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SUPERAntiSpyware.com
[10/21/2008|06:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[06/05/2008|06:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[03/12/2007|04:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[03/19/2007|04:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Live Toolbar
[10/18/2008|09:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WLInstaller
[04/21/2008|08:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Zylom

[12/26/2008|09:51] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> .wyzo
[01/11/2009|09:39] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Adobe
[01/11/2009|09:40] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> AdobeAUM
[01/11/2009|09:40] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> AdobeUM
[11/08/2008|09:01] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> agi
[06/08/2007|05:34] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Ahead
[01/07/2009|07:22] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Apple Computer
[06/24/2008|09:04] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> AVGTOOLBAR
[02/08/2009|11:21] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> chin data
[05/18/2006|10:58] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> CyberLink
[06/05/2008|05:57] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> EA
[04/03/2007|05:52] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> FileMaker
[02/07/2009|11:29] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> FrostWire
[03/15/2007|08:36] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Google
[10/01/2007|06:40] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Help
[11/07/2008|10:23] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> HiYo
[04/20/2008|05:01] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> ICAClient
[05/18/2006|09:40] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Identities
[10/18/2008|02:47] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> InstallShield
[05/07/2007|09:21] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Lavasoft
[05/11/2007|03:41] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Leadertech
[12/26/2008|10:30] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> LimeWire
[10/16/2008|05:55] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Macromedia
[10/26/2008|07:35] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Malwarebytes
[11/23/2008|05:29] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Microsoft
[06/14/2007|09:07] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Mozilla
[05/23/2007|04:12] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> PC Tools
[01/22/2009|09:50] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Picaboo
[12/13/2008|08:44] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Pogo Games
[05/18/2006|11:23] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> SampleView
[04/09/2007|06:53] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Serif
[05/13/2007|11:19] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Simple Star
[02/26/2008|04:22] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Snapfish
[03/15/2007|03:15] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Sun
[06/14/2007|09:07] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Talkback
[02/11/2009|06:32] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> U3
[02/08/2009|02:32] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Uniblue
[12/06/2008|11:02] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Windows Desktop Search
[12/21/2008|12:12] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> Windows Search
[05/23/2007|03:32] C:\DOCUME~1\BRIGIT~1\APPLIC~1\<DIR> WinPatrol

[05/18/2006|11:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Adobe
[05/18/2006|10:56] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Ahead
[05/18/2006|10:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> CyberLink
[05/18/2006|09:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[05/18/2006|11:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[05/18/2006|11:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> SampleView

[03/22/2008|02:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Adobe
[11/07/2008|09:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> agi
[10/01/2007|06:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Google
[02/01/2009|04:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft

[10/16/2008|08:57] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Adobe
[10/16/2008|08:57] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Macromedia
[02/01/2009|04:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft

[05/18/2006|11:14] C:\DOCUME~1\Richard\APPLIC~1\<DIR> Adobe
[05/18/2006|10:56] C:\DOCUME~1\Richard\APPLIC~1\<DIR> Ahead
[05/18/2006|10:58] C:\DOCUME~1\Richard\APPLIC~1\<DIR> CyberLink
[05/18/2006|09:40] C:\DOCUME~1\Richard\APPLIC~1\<DIR> Identities
[06/11/2008|04:22] C:\DOCUME~1\Richard\APPLIC~1\<DIR> Microsoft
[05/18/2006|11:23] C:\DOCUME~1\Richard\APPLIC~1\<DIR> SampleView

[05/18/2006|11:14] C:\DOCUME~1\RICHAR~1\APPLIC~1\<DIR> Adobe
[05/18/2006|10:56] C:\DOCUME~1\RICHAR~1\APPLIC~1\<DIR> Ahead
[05/18/2006|10:58] C:\DOCUME~1\RICHAR~1\APPLIC~1\<DIR> CyberLink
[03/15/2007|04:36] C:\DOCUME~1\RICHAR~1\APPLIC~1\<DIR> Google
[05/18/2006|09:40] C:\DOCUME~1\RICHAR~1\APPLIC~1\<DIR> Identities
[02/01/2009|04:21] C:\DOCUME~1\RICHAR~1\APPLIC~1\<DIR> Microsoft
[05/18/2006|11:23] C:\DOCUME~1\RICHAR~1\APPLIC~1\<DIR> SampleView
[06/13/2007|04:43] C:\DOCUME~1\RICHAR~1\APPLIC~1\<DIR> WinPatrol

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[02/09/2009 04:43 PM][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[02/08/2009 07:46 PM][--a------] C:\WINDOWS\tasks\At2.job
[02/11/2009 08:31 PM][--a------] C:\WINDOWS\tasks\At1.job
[02/13/2009 07:25 AM][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[02/13/2009 01:43 AM][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{44EA20FA-7DE0-4E79-A704-B5FE68457FC8}.job
[02/09/2009 06:42 PM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[02/13/2009 01:00 PM][--a------] C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[02/12/2009 03:47 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/04/2004 02:00 PM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Program Files

[11/08/2008|11:02] C:\Program Files\<DIR> Adobe
[05/23/2007|03:33] C:\Program Files\<DIR> Ahead
[05/17/2007|09:05] C:\Program Files\<DIR> Alwil Software
[09/29/2008|02:00] C:\Program Files\<DIR> Apple Software Update
[02/07/2009|11:24] C:\Program Files\<DIR> AskBarDis
[06/14/2007|09:43] C:\Program Files\<DIR> AV Music Morpher
[06/05/2008|05:18] C:\Program Files\<DIR> AVG
[05/07/2007|09:29] C:\Program Files\<DIR> BillP Studios
[09/24/2008|11:21] C:\Program Files\<DIR> Bonjour
[02/08/2009|11:20] C:\Program Files\<DIR> chin data
[03/31/2008|09:52] C:\Program Files\<DIR> Citrix
[10/21/2008|03:36] C:\Program Files\<DIR> CleanUp!
[12/06/2008|10:12] C:\Program Files\<DIR> Common Files
[05/18/2006|09:32] C:\Program Files\<DIR> ComPlus Applications
[12/06/2008|10:54] C:\Program Files\<DIR> CONEXANT
[02/08/2009|11:19] C:\Program Files\<DIR> Crcle Developement
[05/18/2006|11:22] C:\Program Files\<DIR> CyberLink
[03/02/2008|03:54] C:\Program Files\<DIR> FontFrenzy
[02/07/2009|10:51] C:\Program Files\<DIR> FrostWire
[02/11/2009|10:41] C:\Program Files\<DIR> Google
[04/26/2007|06:27] C:\Program Files\<DIR> Grisoft
[04/26/2007|01:02] C:\Program Files\<DIR> HELP
[02/07/2009|11:19] C:\Program Files\<DIR> InstallShield Installation Information
[05/18/2006|10:06] C:\Program Files\<DIR> Intel
[02/11/2009|02:32] C:\Program Files\<DIR> Internet Explorer
[11/21/2008|06:20] C:\Program Files\<DIR> iPod
[11/21/2008|06:20] C:\Program Files\<DIR> iTunes
[12/21/2008|12:11] C:\Program Files\<DIR> Java
[09/04/2008|09:15] C:\Program Files\<DIR> Lavasoft
[01/04/2009|10:48] C:\Program Files\<DIR> LimeWire
[12/20/2008|11:26] C:\Program Files\<DIR> Linksys Wireless-G PCI Wireless Network Monitor
[10/24/2008|07:48] C:\Program Files\<DIR> LiveFTA
[02/12/2009|09:44] C:\Program Files\<DIR> LogMeIn
[01/08/2008|05:50] C:\Program Files\<DIR> Mah Jong Quest II
[01/08/2008|09:14] C:\Program Files\<DIR> Mahjongg Artifacts Chapter 2
[02/11/2009|07:27] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[09/04/2008|07:31] C:\Program Files\<DIR> Messenger
[02/08/2009|11:18] C:\Program Files\<DIR> Messenger Plus! Live
[05/23/2007|03:34] C:\Program Files\<DIR> Microsoft ActiveSync
[05/23/2007|03:32] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[05/18/2006|09:35] C:\Program Files\<DIR> microsoft frontpage
[11/29/2008|08:13] C:\Program Files\<DIR> Microsoft Games
[03/12/2007|05:29] C:\Program Files\<DIR> Microsoft Office
[10/20/2008|02:30] C:\Program Files\<DIR> Microsoft Silverlight
[10/18/2008|10:11] C:\Program Files\<DIR> Microsoft SQL Server Compact Edition
[09/04/2008|07:26] C:\Program Files\<DIR> Movie Maker
[09/07/2007|07:20] C:\Program Files\<DIR> Mozilla Firefox
[10/24/2007|06:59] C:\Program Files\<DIR> MSN
[02/17/2008|01:22] C:\Program Files\<DIR> MSN Games
[05/18/2006|09:31] C:\Program Files\<DIR> MSN Gaming Zone
[04/04/2007|06:16] C:\Program Files\<DIR> MSXML 4.0
[05/14/2007|09:53] C:\Program Files\<DIR> MTV Networks
[05/23/2007|03:33] C:\Program Files\<DIR> Nero
[09/04/2008|07:22] C:\Program Files\<DIR> NetMeeting
[06/18/2008|05:19] C:\Program Files\<DIR> Oberon Media
[05/18/2006|09:34] C:\Program Files\<DIR> Online Services
[09/04/2008|07:22] C:\Program Files\<DIR> Outlook Express
[05/24/2007|03:03] C:\Program Files\<DIR> Photo Toolkit
[05/23/2007|03:32] C:\Program Files\<DIR> PhotoFiltre
[01/22/2009|09:49] C:\Program Files\<DIR> Picaboo
[10/09/2008|02:44] C:\Program Files\<DIR> Picasa2
[01/10/2009|08:27] C:\Program Files\<DIR> Pure Networks
[11/21/2008|06:16] C:\Program Files\<DIR> QuickTime
[03/12/2008|06:32] C:\Program Files\<DIR> Real
[05/18/2006|10:16] C:\Program Files\<DIR> Realtek AC97
[01/07/2008|10:14] C:\Program Files\<DIR> ReflexiveArcade
[02/19/2008|06:19] C:\Program Files\<DIR> Registry Mechanic
[12/01/2008|09:57] C:\Program Files\<DIR> Safari
[04/09/2007|06:53] C:\Program Files\<DIR> Serif
[03/31/2008|08:33] C:\Program Files\<DIR> Skype
[12/18/2008|02:08] C:\Program Files\<DIR> Spybot - Search & Destroy
[06/23/2008|06:10] C:\Program Files\<DIR> Sun
[12/13/2008|07:28] C:\Program Files\<DIR> SUPERAntiSpyware
[04/26/2007|01:02] C:\Program Files\<DIR> SYS
[12/26/2007|07:02] C:\Program Files\<DIR> Trend Micro
[05/18/2006|09:39] C:\Program Files\<DIR> Uninstall Information
[04/26/2007|01:02] C:\Program Files\<DIR> Vista32
[04/26/2007|01:02] C:\Program Files\<DIR> Vista64
[04/26/2007|01:02] C:\Program Files\<DIR> W2k
[12/06/2008|11:01] C:\Program Files\<DIR> Windows Desktop Search
[10/20/2008|06:47] C:\Program Files\<DIR> Windows Live
[11/30/2007|03:03] C:\Program Files\<DIR> Windows Live Favorites
[09/07/2007|08:30] C:\Program Files\<DIR> Windows Live Safety Center
[06/17/2008|08:27] C:\Program Files\<DIR> Windows Live Toolbar
[03/19/2007|06:52] C:\Program Files\<DIR> Windows Media Connect 2
[12/02/2008|08:36] C:\Program Files\<DIR> Windows Media Player
[09/04/2008|07:22] C:\Program Files\<DIR> Windows NT
[05/18/2006|09:34] C:\Program Files\<DIR> WindowsUpdate
[08/06/2007|08:07] C:\Program Files\<DIR> WinRAR
[05/18/2006|09:35] C:\Program Files\<DIR> xerox
[04/26/2007|01:02] C:\Program Files\<DIR> XP
[12/28/2008|08:33] C:\Program Files\<DIR> Zapu

--------------------\\ Listing Folders in C:\Program Files\Common Files

[11/08/2008|11:02] C:\Program Files\Common Files\<DIR> Adobe
[05/23/2007|03:32] C:\Program Files\Common Files\<DIR> Ahead
[11/21/2008|06:20] C:\Program Files\Common Files\<DIR> Apple
[05/23/2007|03:34] C:\Program Files\Common Files\<DIR> DESIGNER
[10/09/2008|09:07] C:\Program Files\Common Files\<DIR> InstallShield
[11/01/2008|05:19] C:\Program Files\Common Files\<DIR> iS3
[06/17/2008|02:22] C:\Program Files\Common Files\<DIR> Java
[05/23/2006|01:26] C:\Program Files\Common Files\<DIR> LightScribe
[10/18/2008|09:45] C:\Program Files\Common Files\<DIR> Microsoft Shared
[05/18/2006|09:33] C:\Program Files\Common Files\<DIR> MSSoap
[05/23/2006|01:23] C:\Program Files\Common Files\<DIR> Nero
[05/18/2006|05:26] C:\Program Files\Common Files\<DIR> ODBC
[12/30/2008|07:44] C:\Program Files\Common Files\<DIR> Pure Networks Shared
[03/31/2008|08:36] C:\Program Files\Common Files\<DIR> Real
[05/23/2006|09:32] C:\Program Files\Common Files\<DIR> Services
[05/18/2006|05:26] C:\Program Files\Common Files\<DIR> SpeechEngines
[11/23/2008|07:47] C:\Program Files\Common Files\<DIR> Symantec Shared
[09/04/2008|07:22] C:\Program Files\Common Files\<DIR> System
[10/18/2008|09:44] C:\Program Files\Common Files\<DIR> WindowsLiveInstaller
[02/01/2009|04:38] C:\Program Files\Common Files\<DIR> Wise Installation Wizard

--------------------\\ Process

( 55 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-13 13:35:16
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 225

--------------------\\ Searching for other infections

C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At2.job

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\BRIGIT~1\Local Settings\Application Data\pogo games\WorldWinner\Cubis\crack.wav
C:\DOCUME~1\BRIGIT~1\Local Settings\Application Data\pogo games\WorldWinner\ZenGems\rock-crack.ogg


[F:194][D:47]-> C:\DOCUME~1\BRIGIT~1\LOCALS~1\Temp
[F:71][D:0]-> C:\DOCUME~1\BRIGIT~1\Cookies
[F:3287][D:13]-> C:\DOCUME~1\BRIGIT~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Tue 10/21/2008|20:11 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - Fri 10/24/2008|21:40 - Option : [3]
3 - "C:\Lop SD\LopR_3.txt" - Fri 02/13/2009| 7:20 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - Fri 02/13/2009|13:37 - Option : [3]

--------------------\\ Scan completed at 13:37:20

#6
handhfan

  • Download OTListIt2 to your desktop.
  • Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.

The log for OTListIt2 will be very long and may not fit in one post, since there is a character limit on posts. Please make sure that it didn't get cut off, and feel free to post the rest of it in a separate reply. :)

#7
Mrsmoose

Here's the OTListIt.Txt

OTListIt logfile created on: 2/13/2009 1:50:07 PM - Run
OTListIt2 by OldTimer - Version 2.0.0.11 Folder = C:\Documents and Settings\Brigitte Mousseau\Local Settings\Temporary Internet Files\Content.IE5\VW8IZI0J
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.23 Mb Total Physical Memory | 248.54 Mb Available Physical Memory | 49.39% Memory free
1.20 Gb Paging File | 0.73 Gb Available in Paging File | 60.94% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 184.35 Gb Total Space | 146.86 Gb Free Space | 79.66% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 1.72 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MOUSSEAU
Current User Name: Brigitte Mousseau
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\system32\LEXBCES.EXE (Lexmark International, Inc.)
PRC - C:\WINDOWS\system32\LEXPPS.EXE ()
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe ()
PRC - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation)
PRC - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe (GEMTEKS)
PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe (Linksys)
PRC - C:\WINDOWS\system32\searchindexer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
PRC - C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\system32\ico.exe (Primax Electronics Ltd.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
PRC - C:\Program Files\Picaboo\Picaboo\PicabooMain.exe (Picaboo)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Documents and Settings\Brigitte Mousseau\Local Settings\Temporary Internet Files\Content.IE5\VW8IZI0J\OTListIt2[1].exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (GoogleDesktopManager-022208-143751 [Disabled | Stopped]) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (gupdate1c942cb99999b29 [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [Auto | Running]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Lavasoft Ad-Aware Service [Auto | Stopped]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (LexBceS [Auto | Running]) -- C:\WINDOWS\system32\LEXBCES.EXE (Lexmark International, Inc.)
SRV - (LightScribeService [Auto | Running]) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe ()
SRV - (LMIMaint [Auto | Stopped]) -- C:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)
SRV - (LogMeIn [Auto | Stopped]) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (NMIndexingService [Disabled | Stopped]) -- File not found
SRV - (nmraapache [On_Demand | Stopped]) -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe (Pure Networks, Inc.)
SRV - (nmservice [Auto | Running]) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Symantec Core LC [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation)
SRV - (usnjsvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (WMP54Gv4SVC [Auto | Running]) -- File not found
SRV - (WMPNetworkSvc [Auto | Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WSearch [Auto | Running]) -- C:\WINDOWS\system32\searchindexer.exe (Microsoft Corporation)
SRV - (WudfSvc [Auto | Running]) -- C:\WINDOWS\system32\WudfSvc.dll (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\system32\drivers\AegisP.sys (Meetinghouse Data Communications)
DRV - (ALCXWDM [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (AvgLdx86 [System | Running]) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX [System | Running]) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (BCM42RLY [On_Demand | Stopped]) -- C:\WINDOWS\system32\bcm42rly.sys (Broadcom Corporation)
DRV - (f5ipfw [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\urfltw2k.sys (F5 Networks)
DRV - (gameenum [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HSFHWBS2 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (HSF_DP [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ialmnt5.sys (Intel Corporation)
DRV - (Lbd [Boot | Running]) -- C:\WINDOWS\system32\drivers\Lbd.sys (Lavasoft AB)
DRV - (LMIInfo [Auto | Stopped]) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (lmimirr [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\lmimirr.sys (LogMeIn, Inc.)
DRV - (LMIRfsClientNP [Disabled | Stopped]) -- C:\WINDOWS\system32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (LMIRfsDriver [Auto | Running]) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys (Conexant)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (ms_mpu401 [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (pelmouse [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\PELMOUSE.SYS (Primax Electronics Ltd.)
DRV - (pelusblf [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\pelusblf.sys (Primax Electronics Ltd.)
DRV - (pnarp [Auto | Running]) -- C:\WINDOWS\system32\drivers\pnarp.sys (Pure Networks, Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (purendis [Auto | Running]) -- C:\WINDOWS\system32\drivers\purendis.sys (Pure Networks, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\system32\drivers\pxhelp20.sys (Sonic Solutions)
DRV - (ROOTMODEM [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\rootmdm.sys (Microsoft Corporation)
DRV - (RT61 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\rt61.sys (Ralink Technology Inc.)
DRV - (RTL8023 [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\Rtlnic51.sys (Realtek Semiconductor Corporation )
DRV - (RTL8023xp [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (rtl8139 [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (symlcbrd [Auto | Running]) -- C:\WINDOWS\system32\drivers\symlcbrd.sys (Symantec Corporation)
DRV - (urvpndrv [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\urvpndrv.sys (F5 Networks)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaapl.sys (Apple, Inc.)
DRV - (usbser [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbser.sys (Microsoft Corporation)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (WS2IFSL [Disabled | Stopped]) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys (Microsoft Corporation)
DRV - (GTNDIS5 [On_Demand | Running]) -- C:\WINDOWS\system32\GTNDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

O1 HOSTS File: (224344 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 7845 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar2.dll (Ask.com)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll (Google Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar2.dll (Ask.com)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - SITEguard - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar2.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup (Google)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" (LogMeIn, Inc.)
O4 - HKLM..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN (Lexmark International Inc.)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] ICO.EXE (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash (Pure Networks, Inc.)
O4 - HKLM..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" (Cisco Systems, Inc.)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" File not found
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Brigitte Mousseau\Start Menu\Programs\Startup\Picaboo.lnk = C:\Program Files\Picaboo\Picaboo\PicabooMain.exe (Picaboo)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoActiveDesktopChanges = [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: ClassicShell = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [Tcpip] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [NTDS] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [Network Location Awareness (NLA) Namespace] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: 329 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} http://www.worldwinn...rabblecubes.cab (ScrabbleCubes Control)
O16 - DPF: {038E2507-7A48-41E2-94AD-7F23D199AF4E} http://www.worldwinn...ems/zengems.cab (ZenGems Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} http://www.worldwinn...am/skillgam.cab (SkillGam Control)
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} http://downloads.ewi...oOnlineScan.cab (ewidoOnlineScan Control)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://www.worldwinn...GamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} http://www.worldwinn...0/tpir/tpir.cab (TPIR Control)
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} https://remote.tadh....,2007,1001,2147 (F5 Networks VPN Manager)
O16 - DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} http://www.worldwinn...ut/brickout.cab (Brickout Control)
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} http://www.pogo.com/...erInstaller.CAB (PogoWebLauncher Control)
O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} http://www.symantec....46/nprdtinf.cab (AxProdInfoCtl Class)
O16 - DPF: {41D1977F-4161-4720-800F-EA4903983A38} http://www.worldwinn...gsaw/jigsaw.cab (Jigsaw Genius Control)
O16 - DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} http://www.worldwinn...litairerush.cab (SolitaireRush Control)
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} C:\DOCUME~1\BRIGIT~1\LOCALS~1\Temp\IXP000.TMP\InstallerControl.cab (F5 Networks Auto Update)
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} http://www.worldwinn...jattack/bja.cab (BJA Control)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.updat...b?1223604690703 (MUCatalogWebControl Class)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase8300.cab (Windows Live Safety Center Base Module)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinn...d/bejeweled.cab (Bejeweled Control)
O16 - DPF: {61900274-3323-4446-BDCD-91548D32AF1B} http://www.worldwinn...ersolitaire.cab (SpiderSolitaire Control)
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} http://www.worldwinn...x/blockwerx.cab (Blockwerx Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1173661450130 (WUWebControl Class)
O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} https://remote.tadh....,2007,1001,2136 (F5 Networks SSLTunnel)
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} http://www.worldwinn...ll/freecell.cab (FreeCell Control)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://zone.msn.com/...mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} http://download-game...mesLauncher.cab (SpinTop Games Launcher)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} http://www.worldwinn...jo/wordmojo.cab (WordMojo Control)
O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} http://www.worldwinn...cubis/cubis.cab (Cubis Control)
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinn...v57/wof/wof.cab (WoF Control)
O16 - DPF: {A5A76EA0-7B92-4707-9DBF-6F6FE56A6800} http://scan.networkm...-ship-WD.V1.cab (Pure Networks Security Scan)
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} http://www.worldwinn...luxor/luxor.cab (WwLuxor Control)
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} http://www.worldwinn...apit/swapit.cab (SwapIt Control)
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} http://www.worldwinn...man/hangman.cab (Hangman Control)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} http://www.worldwinn...ty/tilecity.cab (Tilecity Control)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://www.gamehouse...zylomplayer.cab (Zylom Games Player)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} http://www.worldwinn...h/dinerdash.cab (DinerDash Control)
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} http://www.worldwinn...paint/paint.cab (Paint Control)
O16 - DPF: {CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_17)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} https://remote.tadh....,2007,1001,2141 (F5 Networks SuperHost Class)
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} http://www.worldwinn.../familyfeud.cab (FamilyFeud Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} https://remote.tadh....,2007,1001,2140 (F5 Networks Host Control)
O16 - DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} http://www.worldwinn...sol/golfsol.cab (GolfSol Control)
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} http://walmart.pnime...upv2.0.0.10.cab? (Photo Upload Plugin Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...ivex/RACtrl.cab (Performance Viewer Activex Control)
O16 - DPF: CabBuilder http://kiw.imgag.com...llerControl.cab (Reg Error: Key error.)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/octet-stream - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\system32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\system32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\system32\LMIinit.dll (LogMeIn, Inc.)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\system32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\system32\ntsd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\system32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( schannel.dll) - C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( digest.dll) - C:\WINDOWS\system32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( msnsspc.dll) - C:\WINDOWS\system32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\system32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\system32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\system32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\system32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\LaunchU3.exe -- File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\Documents and Settings\Brigitte Mousseau\My Documents\*.tmp files]
[2009/02/09 18:34:04 | 00,000,000 | ---D | C] -- C:\NoLopBackups
[2009/02/08 15:01:17 | 00,129,045 | R--- | C] () -- C:\WINDOWS\System32\drivers\HSFProf.cty
[2009/02/08 11:20:09 | 00,000,000 | ---D | C] -- C:\Program Files\chin data
[2009/02/08 11:20:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Brigitte Mousseau\Application Data\chin data
[2009/02/08 11:19:00 | 00,000,000 | ---D | C] -- C:\Program Files\Crcle Developement
[2009/02/07 10:52:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Brigitte Mousseau\My Documents\FrostWire
[2009/02/07 10:51:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Brigitte Mousseau\Application Data\FrostWire
[2009/02/07 10:50:23 | 00,000,880 | ---- | C] () -- C:\Documents and Settings\Brigitte Mousseau\Desktop\FrostWire 4.17.2.lnk
[2009/02/07 10:48:56 | 00,000,000 | ---D | C] -- C:\Program Files\FrostWire
[2009/02/07 10:17:45 | 00,024,576 | ---- | C] (iipl) -- C:\WINDOWS\System32\BAZLib.dll
[2009/02/06 23:34:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ascentive
[2009/02/06 23:31:50 | 00,223,232 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2009/02/06 23:31:49 | 00,244,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msflxgrd.ocx
[2009/02/06 23:31:48 | 00,164,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMCT232.OCX
[2009/02/06 23:27:29 | 00,036,864 | ---- | C] (CIPL) -- C:\WINDOWS\System32\ascbalon.dll
[2009/02/06 23:27:27 | 00,045,056 | ---- | C] (iipl) -- C:\WINDOWS\System32\CreateLog.dll
[2009/02/06 23:27:27 | 00,020,480 | ---- | C] (Ascentive LLC) -- C:\WINDOWS\System32\SysRestore.dll
[2009/02/06 23:27:26 | 00,208,896 | ---- | C] (Ascentive) -- C:\WINDOWS\System32\ConTest.dll
[2009/02/05 18:51:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Brigitte Mousseau\My Documents\Jordan
[2009/02/02 19:58:55 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\Brigitte Mousseau\My Documents\Copy of HOCKEY TEAM SUICIDE POOL FEB 7.xls
[2009/02/01 17:18:02 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/02/01 16:42:45 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/02/01 16:42:39 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/02/01 16:39:34 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2009/02/01 16:39:33 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/02/01 16:22:57 | 00,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 8.0.lnk
[2009/02/01 16:22:55 | 00,107,272 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/01/29 17:42:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Brigitte Mousseau\Desktop\photoresizer
[2009/01/26 19:23:45 | 00,019,938 | ---- | C] () -- C:\Documents and Settings\Brigitte Mousseau\My Documents\image001.jpg
[2009/01/22 21:51:46 | 00,000,776 | ---- | C] () -- C:\Documents and Settings\Brigitte Mousseau\Start Menu\Programs\Startup\Picaboo.lnk
[2009/01/22 21:49:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Brigitte Mousseau\Application Data\Picaboo
[2009/01/22 21:44:42 | 00,001,730 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Picaboo.lnk
[2009/01/22 21:35:20 | 00,000,000 | ---D | C] -- C:\Program Files\Picaboo
[2009/01/22 21:33:10 | 00,000,000 | ---D | C] -- C:\Program Files\AskBarDis
[2009/01/22 14:31:16 | 00,000,000 | R-SD | C] -- C:\Documents and Settings\Brigitte Mousseau\My Documents\My Stationery
[2009/01/20 19:25:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2009/01/17 20:23:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Brigitte Mousseau\Desktop\ryan pics

========== Files - Modified Within 30 Days ==========

[126 C:\WINDOWS\System32\*.tmp files]
[1 C:\

#8
Mrsmoose

    Member

  • Topic Starter
  • Member
  • 82 posts
Here's the Extras.TXT

OTListIt Extras logfile created on: 2/13/2009 1:50:07 PM - Run
OTListIt2 by OldTimer - Version 2.0.0.11 Folder = C:\Documents and Settings\Brigitte Mousseau\Local Settings\Temporary Internet Files\Content.IE5\VW8IZI0J
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.23 Mb Total Physical Memory | 248.54 Mb Available Physical Memory | 49.39% Memory free
1.20 Gb Paging File | 0.73 Gb Available in Paging File | 60.94% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 184.35 Gb Total Space | 146.86 Gb Free Space | 79.66% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 1.72 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MOUSSEAU
Current User Name: Brigitte Mousseau
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord File not found
C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer (LimeWire)
C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire File not found
C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer (Microsoft Corporation)
C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe File not found
C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe File not found
C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe File not found
C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype File not found
C:\Program Files\BitDownload\BitDownload.exe:*:Enabled:Warez3 File not found
C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe (AVG Technologies CZ, s.r.o.)
C:\WINDOWS\LMI35.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue File not found
C:\WINDOWS\LMI48.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue File not found
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)
C:\Program Files\Microsoft Games\Age of Empires II The Conquerors Expansion Trial\age2_x1t.exe:*:Enabled:Age of Empires II Expansion File not found
C:\Program Files\Microsoft Games\Age of Empires II Trial\EMPIRES2.EXE:*:Enabled:Age of Empires II File not found
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\Wyzo\wyzo.exe:*:Enabled:Wyzo File not found
C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary (Sun Microsystems, Inc.)
C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe (AVG Technologies CZ, s.r.o.)
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet:Enabled:Pure Networks Platform Service (Cisco Systems, Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}" = Symantec KB-DocID:2003093015493306
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{15D91706-6ADF-44CF-9D7D-FF2D8ACD2C6F}" = LS_HSI
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 11
"{2A9C3F41-DACA-37AB-84FB-2E6193C42151}" = Google Gears
"{2D4F6BE3-6FEF-4FE9-9D01-1406B220D08C}" = Windows Live Photo Gallery
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1A8C8-6646-4101-B0AA-42D1EB2AB3AE}" = Windows Live Outlook Toolbar (Windows Live Toolbar)
"{47FBF7F9-FBD3-43EF-823B-7684D56C1962}" = Tabbed Browsing (Windows Live Toolbar)
"{481E9852-DA0C-403B-ADA4-05D86C8BF9A9}" = Google Photos Screensaver
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4DDC3BED-CC68-44AA-B435-D727B620CA5B}" = Linksys Wireless-G PCI Adapter
"{4E901875-0F15-44BA-89DE-94AA41A7F507}" = Clear Cache feature for Internet Explorer
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{53B2CFE9-A508-4457-B2CA-5D253536BFB7}" = OneCare Advisor (Windows Live Toolbar)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{578B6EF9-119B-4FB8-8377-7DAFA9588B97}" = Network Magic
"{582D2A53-F426-4C5E-A2E6-43C1AB36B907}" = Safari
"{66A7A386-6F35-41A7-A731-101F0C0153C8}" = Popup Blocker (Windows Live Toolbar)
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7148F0A8-6813-11D6-A77B-00B0D0142170}" = Java 2 Runtime Environment, SE v1.4.2_17
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{7E7658A2-CD3F-48A7-93EA-0882BCA4FD2A}" = LogMeIn
"{7FB6053A-C51D-4508-A7FD-75F2C0C921AD}" = Picaboo 2.0.406
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{90260409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9176251A-4CC1-4DDB-B343-B487195EB397}" = Windows Live Writer
"{92A40DC2-0ECD-4602-A79E-1DC53545C6EE}" = eXplorist Wizard
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AC76BA86-7AD7-5760-0000-800000000003}" = Japanese Fonts Support For Adobe Reader 8
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Windows Live Sign-in Assistant
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{C9618743-1A5C-461E-91C4-E013A3D70F3C}" = Adobe® Photoshop® Album Starter Edition 3.0.1
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D1357DFC-662B-4D5D-A650-63523A41D2FD}" = PC ScanAndSweep
"{D5A145FC-D00C-4F1A-9119-EB4D9D659750}" = Windows Live Toolbar
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EEDBE2DF-4141-44A9-8614-9832B16637E6}" = Mouse Suite
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB5CB59C-D4F6-4303-A414-83D533EE773B}" = Pure Networks Platform
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Ask Toolbar_is1" = Ask Toolbar
"AV Music Morpher" = AV Music Morpher
"AVG8Uninstall" = AVG 8.0
"Citrix ICA Web Client" = MetaFrame Presentation Server Web Client for Win32
"CleanUp!" = CleanUp!
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F30&SUBSYS_205514F1" = PCI SoftV92 Modem
"FrostWire" = FrostWire 4.17.2
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Lexmark Supplies Monitor" = Lexmark Supplies Monitor
"Lexmark Z25-Z35" = Lexmark Z25-Z35
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live & Sponsor (CiD)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Nero PhotoShow Express" = Nero PhotoShow Express
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Network MagicUninstall" = Network Magic
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PhotoFiltre" = PhotoFiltre
"Picasa2" = Picasa 2
"TBSB06153.TBSB06153Toolbar" = Share Accelerator
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/12/2009 4:08:05 PM | Computer Name = MOUSSEAU | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16791, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/12/2009 4:08:06 PM | Computer Name = MOUSSEAU | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16791, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/12/2009 4:08:08 PM | Computer Name = MOUSSEAU | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16791, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/12/2009 4:09:56 PM | Computer Name = MOUSSEAU | Source = Application Hang | ID = 1001
Description = Fault bucket 1110235319.

Error - 2/12/2009 4:55:31 PM | Computer Name = MOUSSEAU | Source = Picaboo Client, Version 2.0 | ID = 4096
Description = Source: Picaboo Client, Version 2.0 Type: Error EventId: 4096 Category:
0 Thread: Communication Manager Online Status Handling An exception occurred: CommunicationManager.OnlineStatusQueueThread:
GetResponse - Exception is occured Exception: System.Net.WebException The operation
has timed out ******************************************** at System.Net.HttpWebRequest.GetResponse()

at Picaboo.Client.Communication.CommunicationManager.OnlineStatusQueueThread()


Error - 2/12/2009 8:18:23 PM | Computer Name = MOUSSEAU | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16791, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/12/2009 8:19:45 PM | Computer Name = MOUSSEAU | Source = Application Hang | ID = 1001
Description = Fault bucket 1110235319.

Error - 2/13/2009 2:27:48 PM | Computer Name = MOUSSEAU | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 2/13/2009 2:29:02 PM | Computer Name = MOUSSEAU | Source = Application Error | ID = 1000
Description = Faulting application aawtray.exe, version 8.0.0.0, faulting module
aawtray.exe, version 8.0.0.0, fault address 0x0003665b.

Error - 2/13/2009 2:29:15 PM | Computer Name = MOUSSEAU | Source = Application Error | ID = 1001
Description = Fault bucket 1121409444.

[ System Events ]
Error - 1/25/2009 8:46:00 PM | Computer Name = MOUSSEAU | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error: %%2147942403

Error - 1/28/2009 9:31:00 PM | Computer Name = MOUSSEAU | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error: %%2147942403

Error - 1/30/2009 5:47:18 AM | Computer Name = MOUSSEAU | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Dnscache service.

Error - 1/31/2009 8:46:00 PM | Computer Name = MOUSSEAU | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error: %%2147942403

Error - 2/1/2009 8:46:00 PM | Computer Name = MOUSSEAU | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error: %%2147942403

Error - 2/4/2009 9:31:00 PM | Computer Name = MOUSSEAU | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error: %%2147942403

Error - 2/7/2009 8:46:00 PM | Computer Name = MOUSSEAU | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error: %%2147942403

Error - 2/8/2009 8:46:00 PM | Computer Name = MOUSSEAU | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error: %%2147942403

Error - 2/9/2009 5:56:22 AM | Computer Name = MOUSSEAU | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the avg8wd service.

Error - 2/11/2009 9:31:00 PM | Computer Name = MOUSSEAU | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error: %%2147942403


< End of report >

#9
handhfan

    Trusted Helper

  • Expert
  • 13,659 posts
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems.

Upgrading Java:
  • Download the latest version of Java SE Runtime Environment (JRE) JRE 6 Update 12.
  • Click the "Download" button to the right.
  • Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement."
  • Click on Continue.
  • Click on the link to download Windows Offline Installation (jre-6u12-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version. (Vista users, right-click on the jre-6u12-windows-i586-p.exe and select "Run as an Administrator.")

Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):

Java™ 6 Update 11
Java™ 6 Update 7
Java 2 Runtime Environment, SE v1.4.2_17
Messenger Plus! Live & Sponsor (CiD)


Please download the OTMoveIt3 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :Processes
    explorer.exe
    
    :Files
    C:\Program Files\chin data
    C:\Documents and Settings\Brigitte Mousseau\Application Data\chin data
    C:\WINDOWS\tasks\At2.job
    C:\WINDOWS\tasks\At1.job
    
    :Reg
    
    :Commands
    [emptytemp]
    [start explorer]
    [Reboot]
  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Please do an online scan with Kaspersky WebScanner

  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure the following is checked.
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post this log in your next reply, along with the OTMoveIt3 log, and a new HijackThis log.

  • 0
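The Java check behind the advice in the post above can be automated against an OTListIt "Uninstall List" section. The following is an added example, not part of the original post or of OTListIt; the function names are hypothetical, the baseline is the JRE 6 Update 12 named in the post, and display-name forms other than those in the thread's log are assumptions.

```python
import re

# Constructed sample in the OTListIt "Uninstall List" layout ("<key>" = <display name>).
# The entries are copied from the Extras.TXT log posted earlier in this thread.
# \u2122 is the trademark sign that appears in the "Java(tm)" display names.
SAMPLE_UNINSTALL_LIST = """\
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java\u2122 6 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java\u2122 6 Update 7
"{7148F0A8-6813-11D6-A77B-00B0D0142170}" = Java 2 Runtime Environment, SE v1.4.2_17
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"AVG8Uninstall" = AVG 8.0
"""

# Baseline from the post above: JRE 6 Update 12, written as (major, minor, update).
BASELINE = (6, 0, 12)

# One uninstall entry per line: "<registry key name>" = <DisplayName>
ENTRY_RE = re.compile(r'^"(?P<key>[^"]+)"\s*=\s*(?P<name>.*?)\s*$')

# "Java(tm) 6 Update 11", "Java(TM) SE Runtime Environment 6 Update 1",
# "J2SE Runtime Environment 5.0 Update 6" (the last two forms are assumptions).
MODERN_RE = re.compile(
    r'^(?:Java(?:\u2122|\(TM\))?|J2SE)\s+(?:SE )?(?:Runtime Environment\s+)?'
    r'(\d+)(?:\.0)?(?:\s+Update\s+(\d+))?$'
)

# "Java 2 Runtime Environment, SE v1.4.2_17" -> family 1.4, micro 2, update 17
LEGACY_RE = re.compile(
    r'^(?:Java 2|J2SE) Runtime Environment.*?v?1\.(\d+)\.(\d+)(?:_(\d+))?'
)


def parse_uninstall_list(text):
    """Return (key, display_name) pairs for every well-formed entry line."""
    entries = []
    for line in text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group("key"), match.group("name")))
    return entries


def java_version(display_name):
    """Map a display name to a comparable (major, minor, update) tuple.

    Returns None for anything that is not a recognised Java runtime entry,
    so unrelated software (and names such as "JavaScript ...") is ignored.
    """
    match = MODERN_RE.match(display_name)
    if match:
        return (int(match.group(1)), 0, int(match.group(2) or 0))
    match = LEGACY_RE.match(display_name)
    if match:
        return (int(match.group(1)), int(match.group(2)), int(match.group(3) or 0))
    return None


def stale_java(text, baseline=BASELINE):
    """List (version, key, display_name) for Java runtimes older than baseline,
    oldest first. Several hits mean old runtimes were left installed side by side."""
    found = []
    for key, name in parse_uninstall_list(text):
        version = java_version(name)
        if version is not None and version < baseline:
            found.append((version, key, name))
    return sorted(found)


if __name__ == "__main__":
    for version, key, name in stale_java(SAMPLE_UNINSTALL_LIST):
        print(f"older than baseline: {name}  [{key}]")
```

On the sample it reports the same three Java entries the post asks to be removed through Add/Remove Programs.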

#10
Mrsmoose

    Member

  • Topic Starter
  • Member
  • 82 posts
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder C:\Program Files\chin data not found.
File/Folder C:\Documents and Settings\Brigitte Mousseau\Application Data\chin data not found.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At1.job moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\BRIGIT~1\LOCALS~1\Temp\~DFBFF7.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\BRIGIT~1\LOCALS~1\Temp\~DFC3EA.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_290.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02132009_145621

Files moved on Reboot...
File C:\DOCUME~1\BRIGIT~1\LOCALS~1\Temp\~DFBFF7.tmp not found!
C:\DOCUME~1\BRIGIT~1\LOCALS~1\Temp\~DFC3EA.tmp moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_290.dat not found!


#11
handhfan

    Trusted Helper

  • Expert
  • 13,659 posts
Don't forget the Kaspersky scan as well. :)

#12
Mrsmoose

    Member

  • Topic Starter
  • Member
  • 82 posts
Yes, it's been running for a while now. It takes a long time :) 2 hours and 26 minutes so far

Edited by Mrsmoose, 13 February 2009 - 05:28 PM.


#13
Mrsmoose

    Member

  • Topic Starter
  • Member
  • 82 posts
Here's the Kaspersky scan - now I'll do the Hijack scan

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Friday, February 13, 2009
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Friday, February 13, 2009 20:41:43
Records in database: 1793956
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
F:\
I:\
J:\
K:\

Scan statistics:
Files scanned: 79991
Threat name: 1
Infected objects: 1
Suspicious objects: 0
Duration of the scan: 03:18:14


File name / Threat name / Threats count
C:\WINDOWS\system32\ConTest.dll Infected: not-a-virus:FraudTool.Win32.Ascentive.a 1

The selected area was scanned.

#14
Mrsmoose

    Member

  • Topic Starter
  • Member
  • 82 posts
This is the new HijackThis scan

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:26:44 PM, on 2/13/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Picaboo\Picaboo\PicabooMain.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: 209.226.48.180 remote.tadh.com #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 209.226.48.180 remote #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar2.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [TEAM DASH] C:\DOCUME~1\BRIGIT~1\APPLIC~1\CHINDA~1\itchbows.exe
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O4 - Startup: Picaboo.lnk = C:\Program Files\Picaboo\Picaboo\PicabooMain.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com...llerControl.cab
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} (ScrabbleCubes Control) - http://www.worldwinn...rabblecubes.cab
O16 - DPF: {038E2507-7A48-41E2-94AD-7F23D199AF4E} (ZenGems Control) - http://www.worldwinn...ems/zengems.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} (SkillGam Control) - http://www.worldwinn...am/skillgam.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewi...oOnlineScan.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinn...GamesLoader.cab
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} (TPIR Control) - http://www.worldwinn...0/tpir/tpir.cab
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} (F5 Networks VPN Manager) - https://remote.tadh....,2007,1001,2147
O16 - DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} (Brickout Control) - http://www.worldwinn...ut/brickout.cab
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/...erInstaller.CAB
O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - http://www.symantec....46/nprdtinf.cab
O16 - DPF: {41D1977F-4161-4720-800F-EA4903983A38} (Jigsaw Genius Control) - http://www.worldwinn...gsaw/jigsaw.cab
O16 - DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} (SolitaireRush Control) - http://www.worldwinn...litairerush.cab
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - C:\DOCUME~1\BRIGIT~1\LOCALS~1\Temp\IXP000.TMP\InstallerControl.cab
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} (BJA Control) - http://www.worldwinn...jattack/bja.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.updat...b?1223604690703
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onec...lscbase8300.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinn...d/bejeweled.cab
O16 - DPF: {61900274-3323-4446-BDCD-91548D32AF1B} (SpiderSolitaire Control) - http://www.worldwinn...ersolitaire.cab
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} (Blockwerx Control) - http://www.worldwinn...x/blockwerx.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1173661450130
O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} (F5 Networks SSLTunnel) - https://remote.tadh....,2007,1001,2136
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} (FreeCell Control) - http://www.worldwinn...ll/freecell.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/...mjolauncher.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinn...ed/wwlaunch.cab
O16 - DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} (SpinTop Games Launcher) - http://download-game...mesLauncher.cab
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} (WordMojo Control) - http://www.worldwinn...jo/wordmojo.cab
O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} (Cubis Control) - http://www.worldwinn...cubis/cubis.cab
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} (WoF Control) - http://www.worldwinn...v57/wof/wof.cab
O16 - DPF: {A5A76EA0-7B92-4707-9DBF-6F6FE56A6800} (Pure Networks Security Scan) - http://scan.networkm...-ship-WD.V1.cab
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} (WwLuxor Control) - http://www.worldwinn...luxor/luxor.cab
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} (SwapIt Control) - http://www.worldwinn...apit/swapit.cab
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} (Hangman Control) - http://www.worldwinn...man/hangman.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} (Tilecity Control) - http://www.worldwinn...ty/tilecity.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://www.gamehouse...zylomplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} (DinerDash Control) - http://www.worldwinn...h/dinerdash.cab
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} (Paint Control) - http://www.worldwinn...paint/paint.cab
O16 - DPF: {CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA} (Java Plug-in 1.4.2_17) -
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.6.0_07) -
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - https://remote.tadh....,2007,1001,2141
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinn.../familyfeud.cab
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://remote.tadh....,2007,1001,2140
O16 - DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} (GolfSol Control) - http://www.worldwinn...sol/golfsol.cab
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://walmart.pnime...upv2.0.0.10.cab?
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logme...ivex/RACtrl.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = tadh.local,tadh.com,dsl.nt.net
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: SearchList = tadh.local,tadh.com,dsl.nt.net
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = tadh.local,tadh.com,dsl.nt.net
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate1c942cb99999b29) (gupdate1c942cb99999b29) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe

--
End of file - 19481 bytes
  • 0

#15
handhfan

    Trusted Helper

  • Expert
  • 13,659 posts
Please re-open HijackThis and scan. Check the boxes next to all the entries listed below.

O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Now close all windows other than HijackThis, then click Fix Checked. Close HijackThis.

Please post a new HijackThis log.

Is your computer running better now?
  • 0
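The two entries listed in post #15 are the only ones in the posted log whose file field reads "(no file)". As an added example (not part of the original thread and not HijackThis's own code), the Python below parses HijackThis entry lines and lists such registrations; the sample lines are copied from the log above, and the names `parse_log` and `orphaned` are hypothetical.

```python
import re
from collections import namedtuple

# Constructed sample: a handful of lines copied from the log posted in this thread.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar2.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
"""

Entry = namedtuple("Entry", "code kind name clsid target raw")

# Every finding starts with a section code (R0, O2, O23, ...) followed by " - ".
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.*)$")

# In this log the O2 (BHO), O3 (toolbar) and O9 (button/menu item) lines share one layout:
#   <kind>: <name> - {CLSID} - <file path or "(no file)">
# The CLSID is the anchor, because both name and path may themselves contain " - ".
COM_CODES = {"O2", "O3", "O9"}
COM_RE = re.compile(
    r"^(?P<kind>[^:]+): (?P<name>.*) - "
    r"(?P<clsid>\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}) - "
    r"(?P<target>.*)$"
)


def parse_log(text):
    """Return an Entry per finding line; header and process-list lines are skipped."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue
        code = m.group("code")
        com = COM_RE.match(m.group("body")) if code in COM_CODES else None
        if com:
            entries.append(Entry(code, com.group("kind"), com.group("name"),
                                 com.group("clsid").upper(),
                                 com.group("target").strip(), line))
        else:
            entries.append(Entry(code, None, None, None, None, line))
    return entries


def orphaned(entries):
    """Registrations whose file field is the literal '(no file)' marker."""
    return [e for e in entries if e.target == "(no file)"]


if __name__ == "__main__":
    for e in orphaned(parse_log(SAMPLE_LOG)):
        print(e.code, e.kind, e.clsid, "->", e.target)
```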





