Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Google redirect virus; Malwarebytes won't run [Closed]

Started by isis1989 , Aug 02 2009 04:23 PM

  • This topic is locked This topic is locked

#1
isis1989
Posted 02 August 2009 - 04:23 PM

isis1989

    New Member

  • Member
  • Pip
  • 1 posts
Hello All,

I have AVG Free, and it's not picking up anything other than tracking cookies. Computer sometimes freezes on startup. Usually this computer is extremely fast and lately it's been laggy. Google and other major search engines redirect to advertisement pages. I downloaded Malwarebytes, but I am unable to run it even after randomly renaming the exe file. Some exe files do not run, I tried recreating the .exe application file association manually through windows, but the association keeps disappearing and I fear I will have to edit the registry. I have backed up the registry. System will not create a restore point. I have backed up documents and music to an external hard drive, though the virus/worm/malware could now exist on that drive as well. Root Repeal just says "Scanning" and does not appear to be doing anything, though I left it sitting with all other processes closed for upwards of an hour. Any help would be greatly appreciated! Thank you in advance.

Here is the result of OTL, OTL.txt:

OTL logfile created on: 02/08/2009 15:13:23 - Run 1
OTL by OldTimer - Version 3.0.10.4 Folder = D:\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 73,63% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): D:\pagefile.sys 5000 5001 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,48 Gb Total Space | 104,93 Gb Free Space | 71,63% Space Free | Partition Type: NTFS
Drive D: | 151,60 Gb Total Space | 37,47 Gb Free Space | 24,72% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SARAH_DESKTOP
Current User Name: Sarah
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2007/03/14 18:48:38 | 00,450,560 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2007/03/14 18:48:38 | 00,450,560 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2009/06/28 23:39:58 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2007/12/25 10:36:46 | 00,544,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Firewall\cmdagent.exe
PRC - [2009/06/28 23:40:00 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/05/20 11:56:19 | 00,594,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2008/07/24 15:22:50 | 00,102,400 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
PRC - [2009/07/07 09:21:09 | 00,907,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/06/28 23:40:00 | 00,692,504 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2004/08/04 00:56:50 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2004/08/04 00:56:52 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\Iexplore.exe
PRC - [2006/12/18 11:40:58 | 02,236,416 | ---- | M] (Universal abit) -- C:\Program Files\abit\abit uGuru\AirPaceWifi.exe
PRC - [2006/08/13 23:00:04 | 16,050,176 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2007/12/25 10:36:46 | 01,481,984 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Firewall\cfp.exe
PRC - [2009/06/28 23:39:59 | 01,948,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2008/07/24 15:22:12 | 00,450,560 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
PRC - [2005/09/23 23:05:26 | 00,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2006/09/29 10:57:30 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
PRC - [2006/09/29 10:57:36 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
PRC - [2009/08/02 14:09:05 | 00,514,048 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2008/02/20 02:44:44 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2005/09/23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2007/03/14 18:48:38 | 00,450,560 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2007/03/22 22:05:00 | 00,520,192 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2009/07/07 09:21:09 | 00,907,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
SRV - [2009/06/28 23:39:58 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2005/09/23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2007/12/25 10:36:46 | 00,544,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Firewall\cmdagent.exe -- (cmdAgent [Auto | Running])
SRV - [2006/10/20 21:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2004/08/04 00:56:46 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2006/10/30 03:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/06/08 19:56:35 | 00,068,096 | ---- | M] () -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service [On_Demand | Stopped])
SRV - [2006/10/30 03:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/01/07 13:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [On_Demand | Stopped])
SRV - [2009/01/21 14:08:06 | 01,095,560 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService [On_Demand | Stopped])
SRV - [2008/07/24 15:22:50 | 00,102,400 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe -- (WDBtnMgrSvc.exe [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.19
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:2.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.12

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/06/28 23:40:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/07/28 10:07:30 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/07/28 10:07:30 | 00,000,000 | ---D | M]

[2008/07/18 08:58:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\mozilla\Extensions
[2008/07/18 08:58:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/01 13:40:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\mozilla\Firefox\Profiles\9wwf63tf.default\extensions
[2008/05/20 20:39:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\mozilla\Firefox\Profiles\9wwf63tf.default\extensions\[email protected]
[2008/05/24 19:54:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\mozilla\Firefox\Profiles\9wwf63tf.default\extensions\[email protected]
[2008/07/18 08:59:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\mozilla\Firefox\Profiles\9wwf63tf.default\extensions\[email protected]
[2009/07/18 13:07:04 | 00,002,399 | ---- | M] () -- C:\Documents and Settings\Sarah\Application Data\Mozilla\FireFox\Profiles\9wwf63tf.default\searchplugins\daemon-search.xml
[2008/07/18 08:58:49 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/07/28 10:07:30 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/07/28 10:07:28 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/07/28 10:07:28 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/02/09 13:03:16 | 00,284,248 | ---- | M] (Musicnotes, Inc.) -- C:\Program Files\mozilla firefox\plugins\npmusicn.dll
[2009/07/28 10:07:28 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2008/08/04 19:49:45 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2008/08/04 19:49:49 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2008/08/04 19:49:53 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2008/08/04 19:49:57 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2008/08/04 19:50:01 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2008/08/04 19:50:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2008/08/04 19:50:09 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2008/06/11 13:10:54 | 06,320,872 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npsibelius.dll
[2009/05/17 11:58:54 | 00,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2009/05/17 11:58:54 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/05/17 11:58:54 | 00,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2009/05/17 11:58:54 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/05/17 11:58:54 | 00,000,759 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2009/05/17 11:58:54 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/05/17 11:58:54 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/05/17 11:58:54 | 00,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [AirPaceWifi] C:\Program Files\abit\abit uGuru\AirPaceWifi.exe (Universal abit)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [COMODO Firewall Pro] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO)
O4 - HKLM..\Run: [msupdate] File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe (WDC)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Protection System] C:\Program Files\Protection System\psystem.exe File not found
O4 - HKCU..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\System32\guard32.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O29 - HKLM SecurityProviders - (mcenspc.dll) - C:\WINDOWS\System32\mcenspc.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/12/22 20:13:55 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[2009/08/02 14:03:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/08/02 14:03:08 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Sarah\Desktop\NTREGOPT.lnk
[2009/08/02 14:03:08 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Sarah\Desktop\ERUNT.lnk
[2009/08/02 14:03:08 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/08/01 13:46:36 | 00,159,600 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2009/08/01 13:46:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/08/01 13:46:27 | 00,130,424 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2009/08/01 13:46:27 | 00,073,840 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2009/08/01 13:46:19 | 00,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/08/01 13:46:18 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2009/08/01 13:46:18 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009/08/01 13:46:15 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2009/08/01 13:46:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sarah\Application Data\PC Tools
[2009/08/01 13:46:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2009/07/30 23:16:43 | 00,000,000 | ---D | C] -- C:\Program Files\Assassin's Creed-Repack-Reloaded
[2009/07/24 17:51:31 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/07/24 17:51:29 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/24 17:51:28 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/24 17:51:28 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/07/24 17:51:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/07/22 15:55:51 | 00,075,414 | ---- | C] () -- C:\Documents and Settings\Sarah\Desktop\364130015_ab830b402e.jpg
[2009/07/21 21:36:25 | 00,000,000 | ---D | C] -- C:\Program Files\Protection System
[2009/07/21 21:22:23 | 00,052,224 | ---- | C] () -- C:\WINDOWS\System32\mcenspc.dll
[2009/07/21 01:41:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\DAEMON Tools Images
[2009/07/19 16:46:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sarah\Local Settings\Application Data\Fallout3

========== Files - Modified Within 14 Days ==========

[2009/08/02 15:10:37 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/08/02 15:10:35 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/08/02 14:03:08 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Sarah\Desktop\NTREGOPT.lnk
[2009/08/02 14:03:08 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Sarah\Desktop\ERUNT.lnk
[2009/08/02 12:33:58 | 39,465,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/08/02 12:33:58 | 00,056,095 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/08/01 17:54:58 | 05,518,008 | -H-- | M] () -- C:\Documents and Settings\Sarah\Local Settings\Application Data\IconCache.db
[2009/08/01 13:46:19 | 00,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/07/30 23:02:47 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/07/24 17:51:31 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/07/22 15:55:52 | 00,075,414 | ---- | M] () -- C:\Documents and Settings\Sarah\Desktop\364130015_ab830b402e.jpg
[2009/07/21 21:22:23 | 00,052,224 | ---- | M] () -- C:\WINDOWS\System32\mcenspc.dll
[2009/07/20 14:04:50 | 00,029,200 | ---- | M] () -- C:\Documents and Settings\Sarah\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/07/20 13:37:27 | 00,134,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== LOP Check ==========

[2009/08/01 13:46:29 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2008/08/08 12:18:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3
[2008/02/03 13:50:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2009/07/18 13:07:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/07/19 13:27:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fallout3
[2008/06/08 19:56:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrovision
[2008/02/09 13:03:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2008/03/22 20:58:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/08/01 15:39:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/08/01 13:46:15 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Sarah\Application Data
[2008/07/07 14:02:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\Ahead
[2007/12/24 17:35:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\ATI
[2009/06/04 15:26:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\Bioshock
[2009/07/18 13:08:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\DAEMON Tools Lite
[2008/03/25 22:31:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\GetRightToGo
[2008/06/08 20:07:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\NCH Swift Sound
[2009/07/23 13:32:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\OpenOffice.org2
[2009/06/04 15:13:58 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Sarah\Application Data\SecuROM
[2008/06/11 13:11:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\Sibelius Software
[2008/06/02 09:42:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\Smith Micro
[2008/07/06 00:43:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\ubi.com
[2009/08/01 15:42:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\uTorrent
[2001/08/23 05:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/08/02 15:10:37 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2008/01/01 23:15:13 | 00,001,539 | ---- | M] () -- C:\boot.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

========== Files - Unicode (All) ==========
[2009/05/15 14:32:07 | 00,028,160 | ---- | M] ()(D:\Documents\???.doc) -- D:\Documents\ьер.doc
[2009/06/07 16:46:54 | 00,028,160 | ---- | C] ()(D:\Documents\???.doc) -- D:\Documents\ьер.doc
< End of report >







And here is the contents of EXTRAS.txt:

OTL Extras logfile created on: 02/08/2009 15:13:23 - Run 1
OTL by OldTimer - Version 3.0.10.4 Folder = D:\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 73,63% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): D:\pagefile.sys 5000 5001 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,48 Gb Total Space | 104,93 Gb Free Space | 71,63% Space Free | Partition Type: NTFS
Drive D: | 151,60 Gb Total Space | 37,47 Gb Free Space | 24,72% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SARAH_DESKTOP
Current User Name: Sarah
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Grisoft\AVG7\avginet.exe" = C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe -- File not found
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe" = C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe -- File not found
"C:\Program Files\Grisoft\AVG7\avgcc.exe" = C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe -- File not found
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\World of Warcraft\WoW-1.12.0-enUS-downloader.exe" = C:\Program Files\World of Warcraft\WoW-1.12.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\Program Files\World of Warcraft\WoW-2.3.0-enUS-downloader.exe" = C:\Program Files\World of Warcraft\WoW-2.3.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\Program Files\Soulseek\slsk.exe" = C:\Program Files\Soulseek\slsk.exe:*:Enabled:SoulSeek -- ()
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Warcraft III\Warcraft III.exe" = C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"C:\Program Files\Halflife 2\Half-Life 2\hl2.exe" = C:\Program Files\Halflife 2\Half-Life 2\hl2.exe:*:Enabled:hl2 -- ()
"C:\WINDOWS\system32\config\systemprofile\Application Data\syssl.exe" = C:\WINDOWS\system32\config\systemprofile\Application Data\syssl.exe:*:Enabled:Win32load -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004138B7-FE04-2DFA-E268-003FD6492856}" = Skins
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{04EEF132-A9DE-AE11-CA2C-CD84816B0C16}" = CCC Help Czech
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{06B5B0D4-6FAB-54B9-9E43-63B50BE8AD28}" = Catalyst Control Center Localization Thai
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0F324818-93B9-481A-D9DE-81A2FF399BCB}" = Catalyst Control Center Localization Korean
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{16205C55-4823-B163-853F-76A9A9130EB0}" = CCC Help Norwegian
"{1C9A45C6-A367-472F-8FC7-45B10D661BF1}" = abit AirPace Wi-Fi
"{1E159F2F-21EF-DD83-F4A5-8C994C4FDD3D}" = ccc-core-static
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{272A9388-AFD7-354F-5C74-A1EC2DD0BAB1}" = CCC Help Chinese Traditional
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{31A53F46-1706-DE47-4D83-23C4D7EB063A}" = Catalyst Control Center Graphics Light
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3552601F-0CE7-6B57-DAEB-6D4E6F037E35}" = Catalyst Control Center Localization Danish
"{358C1243-8889-3393-3DEC-EAFC4CA4D015}" = CCC Help Russian
"{378A8E23-2A41-277D-C668-00F7227F665F}" = Catalyst Control Center Graphics Full Existing
"{3B798A6F-ED33-D0A7-035F-D1A93FFE098E}" = Catalyst Control Center Core Implementation
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{4BCACE5C-6811-D900-873B-731E112347FE}" = CCC Help Danish
"{4C6236EC-7DA0-B906-A082-1F9B40514BB2}" = Catalyst Control Center Localization Finnish
"{4CFF3A39-03F9-31D6-0971-183A2E5C4D56}" = Catalyst Control Center Localization German
"{4EC2047E-DAF6-1CBE-3726-7671F817E975}" = CCC Help Greek
"{50A11BD2-76F9-07B0-7BF1-6352D3A0680F}" = Catalyst Control Center Localization Turkish
"{54C93A8C-A15A-4439-BE64-2342202D4FF0}" = OpenOffice.org 2.3
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{5A2CFA31-93EE-6246-C44F-2F6A59B2F637}" = CCC Help Dutch
"{5A4EE266-25F8-AC34-5229-062EACEF4194}" = Catalyst Control Center Localization Polish
"{5B9DE562-66ED-5789-3D7E-C8BA9B8E6F2A}" = CCC Help Spanish
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B050085-C636-20D4-B9C7-41147A624108}" = Catalyst Control Center Graphics Full New
"{7CF283CB-5AAE-F5FC-2808-9B2B9652C217}" = CCC Help Japanese
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{7DCC7A58-1A6F-CBA8-8628-D36BB90080E0}" = Catalyst Control Center Localization Chinese Standard
"{7F7697B4-C823-63A4-72DB-8E7D732C79C7}" = Catalyst Control Center Localization Dutch
"{82052D6C-80FE-9AA6-B582-EA6BA4F0AEDA}" = Catalyst Control Center Localization Italian
"{8470138B-76FE-AB4C-56C7-D5DDE93B8B6E}" = CCC Help French
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{9003D99C-9ABB-BD1C-3D49-5BCDA6E5671B}" = Catalyst Control Center Localization Japanese
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9BCA9270-B7AF-0DC6-769C-DF4F2506E339}" = Catalyst Control Center Localization French
"{AAA1385A-0F9F-05F3-D570-CD11FE2C44D1}" = Catalyst Control Center Localization Spanish
"{AAECB6A2-76A7-B8CB-8216-15A94A4E83E5}" = CCC Help German
"{AC76BA86-7AD7-1036-7B44-A70700000002}" = Adobe Reader 7.0.7 - Français
"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B461576D-5D19-CFB3-D0E0-7C15BF970B17}" = CCC Help Portuguese
"{B535E635-F195-D2B3-7144-E6F76B5D547E}" = CCC Help Korean
"{B7BA032B-9C0F-4EB8-8A9D-89B13C0D83B4}" = Catalyst Control Center Localization Portuguese
"{B9065D08-C093-9A78-CC31-A6B7622C8FA6}" = Catalyst Control Center Localization Chinese Traditional
"{BABD5D20-8217-76DA-317B-BCF2D44BDB80}" = CCC Help Chinese Standard
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BC302EF7-9F91-A23E-B9C9-9646FFEC06AD}" = CCC Help Swedish
"{BC4122A7-B85F-BD5B-A041-4782683024F1}" = Catalyst Control Center Localization Swedish
"{C35932AB-B2AC-C565-EDAF-D25B2E77BDE5}" = Catalyst Control Center Localization Russian
"{C48B220A-9950-0157-76BE-9E081E092507}" = CCC Help Finnish
"{C535DD86-2AD8-EF99-4C7B-D4D438442F8A}" = CCC Help Italian
"{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}" = AVIVO Codecs
"{CA0926CF-1B36-6845-8796-079387C9D009}" = CCC Help Thai
"{CB7D0E96-12E8-824D-4284-5449DE7F67EF}" = Catalyst Control Center Localization Czech
"{CCD04643-5246-48AC-9D8C-F43A37BB8F36}" = WD Drive Manager (x86)
"{CF75524E-E503-52F4-E9DE-EC4A4A9C7516}" = CCC Help Turkish
"{D4A2EF65-9888-4EFF-8EA0-A2D2C3152A29}" = Samsung USB Driver (MCCI 4.34) WHQL v3.4
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{E6D208E1-1B27-476E-B2C6-348356281B49}" = abit AirPace Wi-Fi
"{E9392121-2167-6F6C-69AD-A9BF13745327}" = ccc-core-preinstall
"{EB322290-CB28-51DB-862C-192D3031AC26}" = CCC Help English
"{EC07DD02-1D89-6590-82E1-AA0A788CCAD9}" = CCC Help Polish
"{EE79BF0C-9D17-A0D7-143E-096697E8916D}" = Catalyst Control Center Localization Hungarian
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F22144D0-5313-7D3F-32E3-AB73760F2594}" = Catalyst Control Center Localization Norwegian
"{F4BA56FE-CDF9-FA3F-0D59-F1E84BFEA338}" = ccc-utility
"{F8B1F32A-B7F3-EA3C-D577-E8A85F6D6CFF}" = CCC Help Hungarian
"{FB7A2F49-9724-341D-87C7-5D99B9063BB2}" = Catalyst Control Center Localization Greek
"9E140F48C9836B9B78539C08FB2B17146BDB3F65" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Illustrator CS2" = Adobe Illustrator CS2
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"All ATI Software" = ATI - Utilitaire de désinstallation du logiciel
"ATI Display Driver" = ATI Display Driver
"AVG8Uninstall" = AVG Free 8.5
"COMODO Firewall Pro" = COMODO Firewall Pro
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"ERUNT_is1" = ERUNT 1.1j
"Expstudio Audio Editor FREE" = Expstudio Audio Editor FREE
"Fallout Mod Manager_is1" = Fallout Mod Manager 0.9.15
"Instant CD & DVD Burner_is1" = Instant CD & DVD Burner
"InterActual Player" = InterActual Player
"IsoBuster_is1" = IsoBuster 2.5
"KRISTAL Audio Engine" = KRISTAL Audio Engine
"LastFM_is1" = Last.fm 1.5.2.38918
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaMonkey_is1" = MediaMonkey 3.0
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Mozilla Firefox (3.0.12)" = Mozilla Firefox (3.0.12)
"Musicnotes Player_is1" = Musicnotes Player V1.23.1
"NVIDIA Drivers" = NVIDIA Drivers
"Samsung SCX-4100 Series" = Samsung SCX-4100 Series
"Sibelius Scorch Plugin" = Sibelius Scorch Plugin
"SiteGrinder2" = Media Lab SiteGrinder 2 (Basic & Pro)
"Soulseek" = SoulSeek Client 156c
"SoundTap" = SoundTap
"Spyware Doctor" = Spyware Doctor 6.0
"ST6UNST #1" = Machinehead GearCalc Pro (32 bit)
"Switch" = Switch
"VLC media player" = VLC media player 1.0.0
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 10
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"I-Doser v4" = I-Doser v4
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27/07/2009 03:25:16 | Computer Name = SARAH_DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application fallout3.exe, version 1.0.0.12, faulting module
fallout3.exe, version 1.0.0.12, fault address 0x00469fe1.

Error - 28/07/2009 01:14:32 | Computer Name = SARAH_DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application fallout3.exe, version 1.0.0.12, faulting module
fallout3.exe, version 1.0.0.12, fault address 0x0028368c.

Error - 28/07/2009 01:15:05 | Computer Name = SARAH_DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application fallout3.exe, version 1.0.0.12, faulting module
fallout3.exe, version 1.0.0.12, fault address 0x0028368c.

Error - 28/07/2009 06:44:03 | Computer Name = SARAH_DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting
module unknown, version 0.0.0.0, fault address 0x01443833.

Error - 29/07/2009 23:40:43 | Computer Name = SARAH_DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application fallout3.exe, version 1.0.0.12, faulting module
fallout3.exe, version 1.0.0.12, fault address 0x002bb8c9.

Error - 29/07/2009 23:53:00 | Computer Name = SARAH_DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application fallout3.exe, version 1.0.0.12, faulting module
fallout3.exe, version 1.0.0.12, fault address 0x002bb8c9.

Error - 31/07/2009 21:05:12 | Computer Name = SARAH_DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application fallout3.exe, version 1.0.0.12, faulting module
fallout3.exe, version 1.0.0.12, fault address 0x007faefc.

Error - 01/08/2009 18:38:45 | Computer Name = SARAH_DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application fallout3.exe, version 1.0.0.12, faulting module
fallout3.exe, version 1.0.0.12, fault address 0x002fb4e2.

Error - 01/08/2009 21:32:29 | Computer Name = SARAH_DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application fallout3.exe, version 1.0.0.12, faulting module
fallout3.exe, version 1.0.0.12, fault address 0x006d9558.

Error - 02/08/2009 02:54:16 | Computer Name = SARAH_DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting
module unknown, version 0.0.0.0, fault address 0x00ae3973.

[ System Events ]
Error - 04/06/2009 14:12:10 | Computer Name = SARAH_DESKTOP | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
period.

Error - 21/06/2009 15:56:42 | Computer Name = SARAH_DESKTOP | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 21/06/2009 15:56:42 | Computer Name = SARAH_DESKTOP | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 13/07/2009 15:48:16 | Computer Name = SARAH_DESKTOP | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume4'. It has stopped monitoring
the volume.

Error - 17/07/2009 16:14:01 | Computer Name = SARAH_DESKTOP | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume3'. It has stopped monitoring
the volume.

Error - 18/07/2009 15:44:25 | Computer Name = SARAH_DESKTOP | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume4'. It has stopped monitoring
the volume.

Error - 18/07/2009 16:09:00 | Computer Name = SARAH_DESKTOP | Source = LDMS | ID = 16780239
Description = The Logical Disk Manager Service failed while registering for device
handle notifications on device \\?\SCSI#CdRom&Ven_ORGTOF&Prod_MN09I7SPU34&Rev_1.03#5&36e5972&0&010#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}.
Win32 Error: 2.

Error - 19/07/2009 01:00:52 | Computer Name = SARAH_DESKTOP | Source = HTTP | ID = 15005
Description = Unable to bind to the underlying transport for 0.0.0.0:2869. The IP
Listen-Only list may contain a reference to an interface which may not exist on
this machine. The data field contains the error number.

Error - 19/07/2009 01:00:52 | Computer Name = SARAH_DESKTOP | Source = HTTP | ID = 15005
Description = Unable to bind to the underlying transport for 0.0.0.0:2869. The IP
Listen-Only list may contain a reference to an interface which may not exist on
this machine. The data field contains the error number.

Error - 31/07/2009 02:04:20 | Computer Name = SARAH_DESKTOP | Source = Service Control Manager | ID = 7023
Description = The IPSEC Services service terminated with the following error: %%10106


< End of report >
  • 0

Advertisements

#2
fenzodahl512
Posted 12 August 2009 - 11:15 AM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Hello.. sorry for our late reply.. Do you still need help? :)
  • 0

#3
fenzodahl512
Posted 18 August 2009 - 02:13 PM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP