Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Dr. Watson debugger failure

Started by burtot , Jun 10 2009 07:21 PM

  • Please log in to reply

#1
burtot
Posted 10 June 2009 - 07:21 PM

burtot

    New Member

  • Member
  • Pip
  • 2 posts
I have been able to download the first step in the removal process that you have. But then I get booted during the download. I have a Malware result to give but that is it. I did an AVG scan this moring and it said that I had a Trojan Horse Generic13.Beag virus. It is now blocked by my AVG. This afternoon I got the DR. Watson Debugger error. I can not run IE5 for more then 10 minutes without being booted. I tried to follow your steps to a T but I keep getting IE has encounter an error message. Please help!!! Please disreguard the attachment.



OTL logfile created on: 6/10/2009 10:47:54 PM - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\Burton\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 734.32 Mb Available Physical Memory | 71.75% Memory free
2.91 Gb Paging File | 2.60 Gb Available in Paging File | 89.32% Paging File free
Paging file location(s): C:\pagefile.sys 2048 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 9.89 Gb Free Space | 13.28% Space Free | Partition Type: NTFS
Drive D: | 1.74 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 232.88 Gb Total Space | 38.40 Gb Free Space | 16.49% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BURTON-TOWER
Current User Name: Burton
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2007/05/23 16:59:16 | 00,708,688 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\svcntaux.exe
PRC - [2007/05/23 16:59:24 | 01,309,264 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\swdsvc.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/05/29 15:41:22 | 01,053,264 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\SDTrayApp.exe
PRC - [2009/04/25 01:27:50 | 00,636,088 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/06/10 22:46:33 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Burton\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2007/07/31 18:11:06 | 00,106,496 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Stopped])
SRV - [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009/02/25 17:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Stopped])
SRV - [2009/02/25 15:15:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2009/05/02 09:12:48 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Stopped])
SRV - [2009/06/10 13:38:30 | 01,368,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgfws8.exe -- (avgfws8 [Auto | Stopped])
SRV - [2006/02/28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Stopped])
SRV - [2005/09/30 20:22:50 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8 [Auto | Stopped])
SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2007/08/05 08:56:13 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - File not found -- -- (GoogleDesktopManager [Disabled | Stopped])
SRV - [2009/03/23 21:59:16 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005/04/04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2005/11/15 15:23:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Stopped])
SRV - [2007/03/14 19:19:10 | 00,779,824 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
SRV - [2007/03/12 13:49:46 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
SRV - [2007/08/24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/11/17 16:09:57 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA [Auto | Stopped])
SRV - [2006/11/02 20:40:12 | 00,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing [Auto | Stopped])
SRV - [2007/05/23 16:59:16 | 00,708,688 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\svcntaux.exe -- (sdAuxService [Auto | Running])
SRV - [2007/05/23 16:59:24 | 01,309,264 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\swdsvc.exe -- (sdCoreService [Auto | Running])
SRV - [2009/05/27 08:38:28 | 00,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4 [Auto | Stopped])
SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2005/02/23 15:58:56 | 00,011,776 | ---- | M] (Arcsoft, Inc.) -- C:\WINDOWS\system32\drivers\Afc.sys -- (Afc [On_Demand | Running])
DRV - [2005/03/09 16:53:00 | 00,036,352 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Stopped])
DRV - [2003/12/04 11:33:20 | 00,011,264 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\ASAPIW2k.sys -- (ASAPIW2k [On_Demand | Running])
DRV - [2009/02/25 18:58:57 | 03,565,568 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Stopped])
DRV - [2009/02/03 22:31:17 | 00,170,496 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\DRIVERS\atinavt2.sys -- (ATIAVAIW [On_Demand | Stopped])
DRV - [2009/05/02 09:13:21 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\DRIVERS\avgfwdx.sys -- (Avgfwdx [On_Demand | Stopped])
DRV - [2009/05/02 09:13:21 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\DRIVERS\avgfwdx.sys -- (Avgfwfd [On_Demand | Stopped])
DRV - [2009/06/10 13:38:34 | 00,327,688 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Stopped])
DRV - [2009/05/02 09:13:25 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Stopped])
DRV - [2009/05/02 09:13:21 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86 [Boot | Running])
DRV - [2009/05/02 09:13:14 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2006/08/11 15:45:14 | 00,502,272 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k [On_Demand | Stopped])
DRV - [2006/08/11 15:45:38 | 00,499,584 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k [On_Demand | Stopped])
DRV - [2005/11/10 18:06:04 | 00,340,704 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k [On_Demand | Stopped])
DRV - [2006/08/11 15:45:40 | 00,007,168 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k [On_Demand | Stopped])
DRV - [2006/08/11 15:45:18 | 00,143,872 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k [On_Demand | Stopped])
DRV - [2006/08/11 15:45:18 | 00,078,336 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia [On_Demand | Stopped])
DRV - [2007/05/02 20:13:09 | 00,010,899 | ---- | M] (FarStone Inc.) -- C:\WINDOWS\system32\DRIVERS\fcdabus.sys -- (fcdabus [On_Demand | Running])
DRV - [2004/10/20 00:30:36 | 00,037,377 | ---- | M] (FarStone) -- C:\WINDOWS\System32\Drivers\fsRamDsk.sys -- (fsRamDsk [On_Demand | Stopped])
DRV - [2007/05/02 20:13:09 | 00,069,170 | ---- | M] (FarStone Inc.) -- C:\WINDOWS\system32\DRIVERS\fvdscsi.sys -- (fvdscsi [On_Demand | Running])
DRV - [2008/04/13 14:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Stopped])
DRV - [2006/08/11 15:45:26 | 00,766,976 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k [On_Demand | Stopped])
DRV - [2006/08/11 15:45:26 | 00,154,112 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\hap16v2k.sys -- (hap16v2k [On_Demand | Stopped])
DRV - [2006/08/11 15:45:28 | 00,180,224 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\hap17v2k.sys -- (hap17v2k [On_Demand | Stopped])
DRV - [2005/07/28 08:18:40 | 00,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock [Auto | Stopped])
DRV - [2007/08/21 20:05:29 | 00,047,616 | ---- | M] (Aladdin Knowledge Systems) -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt [Auto | Stopped])
DRV - [2008/04/13 12:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Stopped])
DRV - [2007/05/23 16:58:38 | 00,039,376 | ---- | M] (PCTools Research Pty Ltd.) -- C:\WINDOWS\system32\drivers\ikfileflt.sys -- (IKFileFlt [System | Running])
DRV - [2007/05/23 16:58:42 | 00,053,840 | ---- | M] (PCTools Research Pty Ltd.) -- C:\WINDOWS\system32\drivers\ikfilesec.sys -- (IKFileSec [System | Running])
DRV - [2007/05/23 16:58:46 | 00,057,424 | ---- | M] (PCTools Research Pty Ltd.) -- C:\WINDOWS\system32\drivers\iksysflt.sys -- (IkSysFlt [System | Running])
DRV - [2007/05/23 16:58:50 | 00,083,024 | ---- | M] (PCTools Research Pty Ltd.) -- C:\WINDOWS\system32\drivers\iksyssec.sys -- (IKSysSec [System | Running])
DRV - [2006/05/26 14:20:58 | 04,279,296 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Stopped])
DRV - [2003/03/26 23:55:48 | 00,011,776 | ---- | M] (WayTech Development, Inc.) -- C:\WINDOWS\System32\drivers\kbfilter.sys -- (kbfilter [System | Running])
DRV - [2003/03/04 05:50:00 | 00,053,870 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys -- (L8042pr2 [On_Demand | Stopped])
DRV - [2003/03/04 05:50:00 | 00,025,214 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys -- (LHidFlt2 [On_Demand | Stopped])
DRV - [2003/03/04 05:50:00 | 00,037,804 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\Drivers\LHidUsb.Sys -- (LHidUsb [On_Demand | Stopped])
DRV - [2003/03/04 05:50:00 | 00,073,134 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys -- (LMouFlt2 [On_Demand | Stopped])
DRV - [2007/03/30 09:14:04 | 00,032,256 | ---- | M] (SlySoft Inc.) -- C:\WINDOWS\System32\drivers\maplom.sys -- (Maplom [On_Demand | Running])
DRV - [2006/09/22 14:06:10 | 00,092,160 | ---- | M] (MagicISO, Inc.) -- C:\WINDOWS\system32\DRIVERS\mcdbus.sys -- (mcdbus [On_Demand | Running])
DRV - [2008/08/21 18:49:22 | 00,018,688 | ---- | M] (Motorola) -- C:\WINDOWS\system32\DRIVERS\motccgp.sys -- (motccgp [On_Demand | Stopped])
DRV - [2008/08/21 18:49:56 | 00,008,320 | ---- | M] (Motorola) -- C:\WINDOWS\system32\DRIVERS\motccgpfl.sys -- (motccgpfl [On_Demand | Stopped])
DRV - [2007/10/10 17:41:50 | 00,042,112 | ---- | M] (Motorola Inc) -- C:\WINDOWS\system32\DRIVERS\motodrv.sys -- (MotDev [On_Demand | Stopped])
DRV - [2007/06/18 20:18:26 | 00,023,680 | ---- | M] (Motorola) -- C:\WINDOWS\system32\DRIVERS\motmodem.sys -- (motmodem [On_Demand | Stopped])
DRV - [2008/04/13 14:46:22 | 00,015,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\MPE.sys -- (MPE [On_Demand | Stopped])
DRV - [2006/04/24 18:52:28 | 00,100,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata [Boot | Running])
DRV - [2006/02/16 23:28:30 | 00,034,176 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Stopped])
DRV - [2006/02/16 23:28:32 | 00,013,056 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])
DRV - [2006/08/11 15:45:24 | 00,116,224 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv [On_Demand | Stopped])
DRV - [2007/07/14 20:08:06 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\System32\Drivers\Pcouffin.sys -- (Pcouffin [On_Demand | Stopped])
DRV - [2004/11/19 08:40:00 | 00,010,368 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])
DRV - [2004/08/04 08:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007/04/09 08:27:07 | 00,031,548 | ---- | M] (PowerISO Computing, Inc.) -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu [System | Stopped])
DRV - [2007/11/13 06:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Stopped])
DRV - [2001/06/21 21:39:02 | 00,073,728 | ---- | M] (Rainbow Technologies, Inc.) -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel [Auto | Stopped])
DRV - [2001/06/21 21:39:02 | 00,020,032 | R--- | M] (Rainbow Technologies Inc.) -- C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS -- (Sntnlusb [On_Demand | Stopped])
DRV - [2008/08/09 09:37:35 | 00,685,816 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2007/12/13 18:28:36 | 00,005,504 | ---- | M] () -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen [System | Stopped])
DRV - [2009/05/10 12:16:04 | 00,102,664 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm [Auto | Stopped])
DRV - [2008/04/17 02:34:04 | 00,120,472 | ---- | M] (High Criteria inc.) -- C:\WINDOWS\system32\drivers\TotRec7.sys -- (TotRec7 [On_Demand | Stopped])
DRV - [2004/05/21 04:37:42 | 00,008,192 | ---- | M] (Waytech Development, Inc.) -- C:\WINDOWS\System32\drivers\UsbFltr.sys -- (UsbFltr [System | Stopped])
DRV - [2005/11/16 12:37:00 | 00,357,536 | ---- | M] (Zoom Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ZMWGUSB.sys -- (ZMWGUSB [On_Demand | Running])
DRV - [2006/11/02 16:51:58 | 00,013,560 | ---- | M] (Cyberlink Corp.) -- E:\Movies\Cyberlink PowerDVD Ultra Deluxe v7.3\000.fcl -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B} [Auto | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.obrbands.com/
IE - URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - URLSearchHook: *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/05/02 21:00:48 | 00,000,000 | ---D | M]

[2007/01/05 07:35:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Burton\Application Data\mozilla\Firefox\Profiles\tezyy7x5.default\extensions
[2007/01/21 00:23:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Burton\Application Data\mozilla\Firefox\Profiles\tezyy7x5.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2006/12/11 18:42:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Burton\Application Data\mozilla\Firefox\Profiles\tezyy7x5.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}
[2007/08/10 18:12:12 | 00,002,386 | ---- | M] () -- C:\Documents and Settings\Burton\Application Data\Mozilla\FireFox\Profiles\tezyy7x5.default\searchplugins\siteadvisor.xml

Hosts file not found
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {267FDD18-8F40-4BB0-A075-C704341D3929} - Reg Error: Key error. File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - Reg Error: Key error. File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe" (PC Tools)
O4 - HKLM..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 128
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm File not found
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm File not found
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 26 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative....026/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} http://disney.go.com...OnlineGames.cab (Disney Online Games ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1165877176656 (MUWebControl Class)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/.../GrooveAX27.cab (Groove Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/...he.cab79352.cab (MSN Games – Texas Holdem Poker)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab (MSN Games - Installer)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game11.zylom....gamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer....r_installer.exe (Virtools WebPlayer Class)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative....15027/CTPID.cab (Creative Software AutoUpdate Support Package)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\SYSTEM32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\SYSTEM32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/12/11 15:25:12 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/03/21 10:10:20 | 00,000,048 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006/05/10 17:38:22 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8455ec98-2340-11dc-8753-0012bf6bc0e8}\Shell - "" = AutoRun
O33 - MountPoints2\{8455ec98-2340-11dc-8753-0012bf6bc0e8}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8ff24ec1-8912-11db-a448-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{8ff24ec1-8912-11db-a448-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8ff24ec1-8912-11db-a448-806d6172696f}\Shell\AutoRun\command - "" = D:\start_here.exe -- [2003/03/14 10:55:56 | 02,283,349 | R--- | M] (McGraw-Hill, Inc.)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/06/10 22:46:33 | 00,000,000 | ---D | M]

========== Files/Folders - Created Within 30 Days ==========

[3 C:\Documents and Settings\Burton\My Documents\*.tmp files]
[2009/06/10 22:46:33 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Burton\Desktop\OTL.exe
[2009/06/10 20:17:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Burton\Application Data\Malwarebytes
[2009/06/10 20:16:52 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/06/10 20:16:49 | 00,040,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/06/10 20:16:48 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/06/10 20:16:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/06/10 20:16:47 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/06/10 19:41:01 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Burton\Desktop\HijackThis.lnk
[2009/06/10 19:41:00 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/06/10 13:40:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2009/06/06 19:44:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Burton\Application Data\TeamViewer
[2009/06/06 19:44:49 | 00,000,879 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 4.lnk
[2009/06/06 19:44:45 | 00,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2009/06/05 15:00:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Cabela's® Big Game Hunter III Saves
[2009/06/04 11:58:34 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/06/04 11:44:46 | 06,837,760 | ---- | C] () -- C:\Documents and Settings\Burton\My Documents\09swf.avi
[2009/06/04 11:42:55 | 00,000,777 | ---- | C] () -- C:\Documents and Settings\Burton\Desktop\IncrediFlash XTreme 1.2.lnk
[2009/06/04 11:42:39 | 00,000,000 | ---D | C] -- C:\Program Files\IncrediFlash XTreme 1.2
[2009/06/04 10:03:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Burton\Desktop\show music
[2009/06/04 10:02:49 | 11,477,1968 | ---- | C] () -- C:\Documents and Settings\Burton\Desktop\2009 Slideshow.ppt
[2009/06/03 21:05:40 | 00,000,782 | ---- | C] () -- C:\Documents and Settings\Burton\Desktop\Flash Music Studio 1.0.lnk
[2009/06/03 21:05:34 | 00,000,000 | ---D | C] -- C:\Program Files\Flash Music Studio 1.0
[2009/06/03 20:54:27 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Burton\Application Data\IFLTemp
[2009/06/03 20:53:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Burton\My Documents\New Folder (3)
[2009/06/03 20:23:45 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Burton\Application Data\FDBTemp
[2009/06/03 16:42:54 | 00,000,532 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Flash Video Studio 3.0.lnk
[2009/06/03 16:42:54 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Burton\Application Data\IFBuilder
[2009/06/02 17:15:41 | 00,023,552 | ---- | C] () -- C:\Documents and Settings\Burton\My Documents\North Harrison CONTEST EARLY REGISTRATION FORM.doc
[2009/05/31 13:09:18 | 00,000,777 | ---- | C] () -- C:\Documents and Settings\Burton\Desktop\Shortcut to keyfinder.lnk
[2009/05/30 19:54:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/05/26 18:15:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Burton\Application Data\Reflexivev1005
[2009/05/26 18:14:50 | 00,000,921 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Amazing Adventures Around The World.lnk
[2009/05/26 18:14:44 | 00,000,000 | ---D | C] -- C:\Program Files\Amazing Adventures Around The World
[2009/05/26 18:05:13 | 00,001,074 | ---- | C] () -- C:\Documents and Settings\Burton\Desktop\Shortcut to AmazingAdventures.lnk
[2009/05/26 18:03:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2009/05/26 18:03:21 | 00,000,000 | ---D | C] -- C:\Program Files\Amazing Adventures The Lost Tomb
[2009/05/23 16:44:47 | 00,028,672 | ---- | C] () -- C:\Documents and Settings\Burton\My Documents\Troop summer.doc
[2009/05/18 19:13:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\wanted
[2009/05/18 19:13:05 | 00,000,777 | ---- | C] () -- C:\Documents and Settings\Burton\Desktop\Shortcut to Wanted.lnk
[2009/05/18 18:52:28 | 00,000,719 | ---- | C] () -- C:\Documents and Settings\Burton\Desktop\Shortcut to DTPro.lnk
[2009/05/18 18:46:55 | 00,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2009/05/18 18:42:21 | 00,000,000 | ---D | C] -- C:\Program Files\WarnerBros
[2009/05/15 19:12:02 | 00,150,528 | ---- | C] () -- C:\Documents and Settings\Burton\My Documents\Inventory Sheet 2009 Page 1.doc
[2009/05/13 13:33:19 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Burton\My Documents\troop reminders.doc
[2009/05/12 20:40:42 | 00,000,774 | ---- | C] () -- C:\Documents and Settings\Burton\Desktop\Shortcut to CoJ.lnk
[2009/05/12 17:29:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Burton\My Documents\call of juarez
[2008/10/07 09:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/05/11 20:19:04 | 00,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008/03/07 22:59:02 | 00,000,373 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2008/02/10 16:00:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008/02/04 19:23:10 | 00,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/11/21 20:09:52 | 00,000,080 | RHS- | C] () -- C:\WINDOWS\System32\F1FFF39B65.dll
[2007/11/14 21:26:30 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/11/10 16:19:45 | 00,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2007/08/21 20:05:29 | 00,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2007/08/19 13:15:40 | 00,000,021 | ---- | C] () -- C:\WINDOWS\System32\mchnieasy.sys
[2007/08/14 16:58:49 | 00,001,152 | ---- | C] () -- C:\WINDOWS\System32\windrv.sys
[2007/08/13 11:24:18 | 01,233,604 | -HS- | C] () -- C:\WINDOWS\System32\oiurnaff.ini
[2007/08/12 13:03:36 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/08/05 20:29:39 | 02,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2007/07/12 08:59:41 | 00,000,208 | ---- | C] () -- C:\WINDOWS\TLCAPPS.INI
[2007/07/11 17:47:47 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/07/11 17:47:47 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/06/25 13:29:29 | 00,000,000 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2007/06/19 13:55:44 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\cdTextCtl.dll
[2007/06/18 21:28:48 | 00,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/06/18 11:50:00 | 00,163,328 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2007/06/08 13:10:43 | 00,034,308 | ---- | C] () -- C:\WINDOWS\System32\Chip.dll
[2007/06/07 12:00:16 | 00,000,391 | ---- | C] () -- C:\WINDOWS\COVERE~1.INI
[2007/06/06 23:33:17 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/06/05 18:30:41 | 00,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/05/31 08:02:46 | 00,000,047 | ---- | C] () -- C:\WINDOWS\Battle.ini
[2007/05/30 02:37:17 | 00,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2007/05/27 01:38:56 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\rsUtil.dll
[2007/05/02 20:15:46 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2007/05/02 20:15:46 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2007/04/25 01:07:24 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/04/07 19:58:41 | 00,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007/03/29 22:52:10 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2007/03/04 16:55:43 | 00,000,067 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2007/01/27 11:31:26 | 00,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2007/01/02 11:36:47 | 00,000,165 | ---- | C] () -- C:\WINDOWS\disney.ini
[2006/12/21 21:42:36 | 00,006,580 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/12/21 21:42:36 | 00,000,168 | RHS- | C] () -- C:\WINDOWS\System32\659BF3FFF1.sys
[2006/12/18 17:30:41 | 00,001,150 | ---- | C] () -- C:\WINDOWS\atm.ini
[2006/12/12 21:47:21 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2006/12/12 21:46:34 | 00,000,059 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
[2006/12/12 21:45:54 | 00,000,084 | ---- | C] () -- C:\WINDOWS\EPSPRX580.ini
[2006/12/11 17:39:12 | 00,086,446 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2006/12/11 17:39:12 | 00,003,072 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL
[2006/12/11 17:39:12 | 00,000,191 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2006/12/11 16:59:48 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2006/12/11 15:37:19 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/08/11 15:57:18 | 00,037,888 | ---- | C] () -- C:\WINDOWS\System32\CTBURST.DLL
[2006/08/11 15:56:28 | 00,033,792 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2006/07/18 06:49:20 | 01,445,696 | ---- | C] () -- C:\WINDOWS\System32\bbMPEG.dll
[2006/05/23 13:40:34 | 00,000,269 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2005/08/17 13:08:19 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\sfarkxt.dll
[2005/08/17 13:08:18 | 00,068,096 | ---- | C] () -- C:\WINDOWS\System32\SFARKL.DLL
[2005/06/16 19:17:16 | 00,071,680 | ---- | C] () -- C:\WINDOWS\System32\CTMMACTL.DLL
[2004/08/04 08:00:00 | 00,000,716 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 08:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2003/12/22 14:40:06 | 01,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2003/11/14 22:17:10 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\rdmesbox.dll
[2000/02/08 02:05:36 | 00,110,080 | R--- | C] () -- C:\WINDOWS\System32\W32MKRC.DLL
[2000/02/08 02:05:34 | 00,038,576 | ---- | C] () -- C:\WINDOWS\System32\NWLOCALE.DLL
[1999/01/22 14:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== Files - Modified Within 30 Days ==========

[14 C:\WINDOWS\System32\*.tmp files]
[16 C:\WINDOWS\*.tmp files]
[3 C:\Documents and Settings\Burton\My Documents\*.tmp files]
[2049/12/31 16:00:00 | 00,021,936 | ---- | M] () -- C:\Documents and Settings\Burton\My Documents\Balladperc.sib
[2009/06/10 22:46:33 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Burton\Desktop\OTL.exe
[2009/06/10 22:39:46 | 00,012,686 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/06/10 22:39:18 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Burton\Local Settings\desktop.ini
[2009/06/10 22:39:05 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/06/10 22:37:57 | 00,030,120 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000001-00000000-00000007-00001102-00000004-00531102}.rfx
[2009/06/10 22:37:57 | 00,030,120 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000001-00000000-00000007-00001102-00000004-00531102}.rfx
[2009/06/10 22:37:57 | 00,027,408 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000001-00000000-00000007-00001102-00000004-00531102}.rfx
[2009/06/10 22:37:57 | 00,027,408 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000001-00000000-00000007-00001102-00000004-00531102}.rfx
[2009/06/10 22:37:57 | 00,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000001-00000000-00000007-00001102-00000004-00531102}.rfx
[2009/06/10 22:37:57 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2009/06/10 22:37:57 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2009/06/10 22:37:47 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/06/10 22:33:40 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/06/10 22:33:34 | 00,000,440 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2009/06/10 22:33:30 | 08,405,015 | ---- | M] () -- C:\WINDOWS\TempFile
[2009/06/10 22:19:21 | 00,000,716 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/06/10 22:19:21 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/06/10 22:19:21 | 00,000,224 | RHS- | M] () -- C:\boot.ini
[2009/06/10 20:16:52 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/06/10 19:41:01 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Burton\Desktop\HijackThis.lnk
[2009/06/10 18:04:07 | 37,028,844 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/06/10 18:04:07 | 00,071,058 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/06/10 13:38:34 | 00,327,688 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/06/10 13:34:59 | 01,712,304 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/06/09 23:48:14 | 00,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/06/09 21:58:25 | 00,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2009/06/09 21:58:25 | 00,000,006 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2009/06/09 20:20:34 | 00,002,515 | ---- | M] () -- C:\Documents and Settings\Burton\Desktop\Microsoft Office Word 2007.lnk
[2009/06/09 14:34:40 | 00,090,624 | ---- | M] () -- C:\Documents and Settings\Burton\My Documents\2009 Home Budget B.doc
[2009/06/06 19:44:49 | 00,000,879 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 4.lnk
[2009/06/04 16:45:04 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/06/04 13:44:35 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/06/04 11:58:34 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/06/04 11:46:19 | 11,477,1968 | ---- | M] () -- C:\Documents and Settings\Burton\Desktop\2009 Slideshow.ppt
[2009/06/04 11:45:36 | 06,837,760 | ---- | M] () -- C:\Documents and Settings\Burton\My Documents\09swf.avi
[2009/06/04 11:42:55 | 00,000,777 | ---- | M] () -- C:\Documents and Settings\Burton\Desktop\IncrediFlash XTreme 1.2.lnk
[2009/06/03 21:05:40 | 00,000,782 | ---- | M] () -- C:\Documents and Settings\Burton\Desktop\Flash Music Studio 1.0.lnk
[2009/06/03 16:42:54 | 00,000,532 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Flash Video Studio 3.0.lnk
[2009/06/02 17:15:41 | 00,023,552 | ---- | M] () -- C:\Documents and Settings\Burton\My Documents\North Harrison CONTEST EARLY REGISTRATION FORM.doc
[2009/06/01 20:17:46 | 00,022,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/06/01 20:13:44 | 00,107,832 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/06/01 12:51:12 | 23,635,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/05/31 13:09:34 | 00,000,777 | ---- | M] () -- C:\Documents and Settings\Burton\Desktop\Shortcut to keyfinder.lnk
[2009/05/27 16:06:13 | 00,409,122 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/05/27 16:06:13 | 00,064,518 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/05/27 16:06:12 | 00,481,352 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/26 18:14:50 | 00,000,921 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Amazing Adventures Around The World.lnk
[2009/05/26 18:05:13 | 00,001,074 | ---- | M] () -- C:\Documents and Settings\Burton\Desktop\Shortcut to AmazingAdventures.lnk
[2009/05/26 13:20:08 | 00,040,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/26 13:19:56 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/23 16:44:47 | 00,028,672 | ---- | M] () -- C:\Documents and Settings\Burton\My Documents\Troop summer.doc
[2009/05/23 09:51:42 | 00,000,014 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2009/05/18 19:13:05 | 00,000,777 | ---- | M] () -- C:\Documents and Settings\Burton\Desktop\Shortcut to Wanted.lnk
[2009/05/18 18:52:28 | 00,000,719 | ---- | M] () -- C:\Documents and Settings\Burton\Desktop\Shortcut to DTPro.lnk
[2009/05/18 18:46:54 | 00,418,480 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2009/05/18 18:46:54 | 00,115,432 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2009/05/15 21:14:42 | 00,150,528 | ---- | M] () -- C:\Documents and Settings\Burton\My Documents\Inventory Sheet 2009 Page 1.doc
[2009/05/13 13:33:20 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Burton\My Documents\troop reminders.doc
[2009/05/12 20:40:42 | 00,000,774 | ---- | M] () -- C:\Documents and Settings\Burton\Desktop\Shortcut to CoJ.lnk

========== Alternate Data Streams ==========

@Alternate Data Stream - 162 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8537DBB
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:901E30B2
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38760F1C
< End of report >

Attached Files


Edited by burtot, 10 June 2009 - 09:01 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP