
Rundll32.exe Applications Won't Run



#1
Michaela123

Two days ago I had a malware problem, WD/32 something (sorry, I can't remember exactly what it was), but I followed steps I found online to remove it and it worked fine yesterday. (I also had a similar problem a few weeks ago.) Today, everything was working fine, then I tried to open IE and it said the application couldn't be opened and it had the Rundll32.exe. I have since run RKill and I am able to open everything yet again - but I know that this isn't a permanent fix. I also recently changed from Microsoft Security Essentials to AVG.

Can anyone help?

I have a Compaq Presario CQ60 running Windows Vista

Oops, forgot to add the OTL log:

OTL logfile created on: 21/05/2011 11:08:27 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Michaela\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 18.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 54.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.98 Gb Total Space | 45.91 Gb Free Space | 33.03% Space Free | Partition Type: NTFS
Drive D: | 10.07 Gb Total Space | 1.75 Gb Free Space | 17.38% Space Free | Partition Type: NTFS

Computer Name: MICHAELA-PC | User Name: Michaela | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/21 11:08:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Michaela\Desktop\OTL.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/04/14 21:30:46 | 003,588,960 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgui.exe
PRC - [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/21 22:10:00 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/03/16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/03/16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/09 05:35:14 | 001,265,504 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgsrmax.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/02/08 05:33:06 | 001,088,864 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgscanx.exe
PRC - [2010/12/20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/05/10 11:34:22 | 004,456,448 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
PRC - [2010/05/10 11:33:42 | 000,110,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2010/05/10 11:32:36 | 001,858,048 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2010/05/10 11:32:06 | 000,482,304 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/06 17:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe
PRC - [2007/10/30 19:52:34 | 000,016,200 | ---- | M] () -- C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
PRC - [2007/01/22 12:05:24 | 000,054,832 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.0 VR\shellmon.exe
PRC - [2006/11/14 15:01:21 | 000,050,736 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\aol\1236984479\ee\aolsoftware.exe
PRC - [2006/11/10 13:11:58 | 000,039,472 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.0 VR\waol.exe
PRC - [2006/10/23 13:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
PRC - [2006/10/14 00:18:24 | 000,063,120 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe


========== Modules (SafeList) ==========

MOD - [2011/05/21 11:08:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Michaela\Desktop\OTL.exe
MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/05/13 21:15:20 | 003,275,864 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_8832f4b.dll -- (Akamai)
SRV - [2011/04/22 13:56:50 | 000,984,392 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/06/03 15:09:32 | 000,064,328 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3001.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/05/10 11:33:42 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2010/05/10 11:32:36 | 001,858,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2010/05/10 11:32:06 | 000,482,304 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2010/02/02 12:36:03 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/06 17:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/02/03 20:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008/01/21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () [Disabled | Stopped] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/10/23 13:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2011/04/14 21:28:18 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:12:38 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:30 | 000,028,624 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:28 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | Disabled | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/08/12 13:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2010/08/12 13:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2009/09/05 17:55:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/23 22:01:00 | 009,791,072 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/10/03 04:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/05/09 20:17:32 | 000,043,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/24 23:51:46 | 000,014,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/01/21 03:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2008/01/03 22:50:22 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2007/10/18 00:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/19 01:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/11/29 23:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...resario&pf=cnnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/05/19 23:21:35 | 000,000,000 | ---D | M]

[2011/05/15 10:53:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/22 00:55:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

Hosts file not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1236984479\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [spchecker] C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://bq.kp.2020.ne...yerAX_Win32.cab (20-20 3D Viewer)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail....NPUplden-gb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/21 11:08:04 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Michaela\Desktop\OTL.exe
[2011/05/19 23:23:27 | 000,000,000 | ---D | C] -- C:\Users\Michaela\AppData\Roaming\AVG10
[2011/05/19 23:22:11 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/05/19 23:21:53 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Security Toolbar
[2011/05/19 23:21:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011
[2011/05/19 23:19:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2011/05/19 23:19:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2011/05/19 23:12:41 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/05/19 07:59:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/19 07:59:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/19 07:59:41 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/19 07:59:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/18 16:46:04 | 000,000,000 | ---D | C] -- C:\Users\Michaela\Documents\Mothers Day
[2011/05/18 16:46:04 | 000,000,000 | ---D | C] -- C:\Users\Michaela\Documents\KMPlayer
[2011/05/18 12:55:20 | 000,000,000 | ---D | C] -- C:\Users\Michaela\Documents\TransferFormBLANK
[2011/05/18 12:23:06 | 000,000,000 | ---D | C] -- C:\Users\Michaela\Documents\My PSP Files
[2011/05/13 00:08:29 | 000,000,000 | ---D | C] -- C:\Users\Michaela\Documents\Amber Frey
[2011/05/10 22:44:11 | 000,000,000 | ---D | C] -- C:\Users\Michaela\AppData\Local\{40F7B78B-89C4-4AE1-9882-F01720E48ABF}
[2011/04/30 20:54:33 | 000,000,000 | ---D | C] -- C:\Users\Michaela\AppData\Roaming\Malwarebytes
[2011/04/30 20:54:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/04/30 19:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\kG31002MaNfA31002
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/21 11:08:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Michaela\Desktop\OTL.exe
[2011/05/21 10:13:41 | 000,001,440 | -HS- | M] () -- C:\Users\Michaela\AppData\Local\747073s32x2s4it14g
[2011/05/21 10:13:41 | 000,001,440 | -HS- | M] () -- C:\ProgramData\747073s32x2s4it14g
[2011/05/21 09:48:23 | 115,529,851 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/05/21 09:44:01 | 000,000,248 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2011/05/21 09:42:30 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/21 09:42:29 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/21 09:42:02 | 000,032,156 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/05/21 09:41:48 | 000,032,156 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/05/21 09:41:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/20 13:13:46 | 000,604,520 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/20 13:13:46 | 000,107,796 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/19 23:21:40 | 000,000,830 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/05/19 23:13:16 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/05/19 07:59:45 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/19 07:42:20 | 001,006,778 | ---- | M] () -- C:\Users\Michaela\Desktop\rkill.com
[2011/05/17 21:24:32 | 003,795,782 | ---- | M] () -- C:\Users\Michaela\Documents\Crochet-Me-7-Baby-Patterns.pdf
[2011/05/17 13:18:44 | 007,026,542 | ---- | M] () -- C:\Users\Michaela\Documents\paget 1 copy.html.jpg
[2011/05/16 18:54:02 | 000,029,234 | ---- | M] () -- C:\Users\Michaela\AppData\Roaming\wklnhst.dat
[2011/05/16 16:16:46 | 000,069,697 | ---- | M] () -- C:\Users\Michaela\Documents\referenceforms.pdf
[2011/05/15 18:57:24 | 000,010,752 | ---- | M] () -- C:\Users\Michaela\Documents\Site.wps
[2011/05/14 16:10:53 | 000,054,554 | ---- | M] () -- C:\Users\Michaela\Documents\30 weeks.jpg
[2011/05/14 16:10:42 | 000,020,026 | ---- | M] () -- C:\Users\Michaela\Documents\165202_176259655730686_100000399577686_451811_3808554_n.jpg
[2011/05/11 15:00:59 | 000,000,000 | ---- | M] () -- C:\Users\Michaela\AppData\Local\Jnidakusadiyu.bin
[2011/05/10 22:44:13 | 000,000,120 | ---- | M] () -- C:\Users\Michaela\AppData\Local\Amaloxubacepexo.dat
[2011/05/03 19:35:19 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMichaela.job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/21 10:13:41 | 000,001,440 | -HS- | C] () -- C:\Users\Michaela\AppData\Local\747073s32x2s4it14g
[2011/05/21 10:13:41 | 000,001,440 | -HS- | C] () -- C:\ProgramData\747073s32x2s4it14g
[2011/05/21 09:48:23 | 115,529,851 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/05/19 23:21:40 | 000,000,830 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/05/19 07:59:45 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/19 07:42:12 | 001,006,778 | ---- | C] () -- C:\Users\Michaela\Desktop\rkill.com
[2011/05/17 21:24:25 | 003,795,782 | ---- | C] () -- C:\Users\Michaela\Documents\Crochet-Me-7-Baby-Patterns.pdf
[2011/05/17 13:18:30 | 007,026,542 | ---- | C] () -- C:\Users\Michaela\Documents\paget 1 copy.html.jpg
[2011/05/16 16:16:44 | 000,069,697 | ---- | C] () -- C:\Users\Michaela\Documents\referenceforms.pdf
[2011/05/14 16:10:51 | 000,054,554 | ---- | C] () -- C:\Users\Michaela\Documents\30 weeks.jpg
[2011/05/14 16:10:41 | 000,020,026 | ---- | C] () -- C:\Users\Michaela\Documents\165202_176259655730686_100000399577686_451811_3808554_n.jpg
[2011/05/12 21:08:12 | 000,010,752 | ---- | C] () -- C:\Users\Michaela\Documents\Site.wps
[2011/05/10 22:44:13 | 000,000,120 | ---- | C] () -- C:\Users\Michaela\AppData\Local\Amaloxubacepexo.dat
[2011/05/10 22:44:13 | 000,000,000 | ---- | C] () -- C:\Users\Michaela\AppData\Local\Jnidakusadiyu.bin
[2011/01/21 21:34:55 | 000,000,000 | ---- | C] () -- C:\Windows\SMMVSplitter.INI
[2010/10/11 17:12:58 | 000,000,145 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010/09/19 15:09:05 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/09/19 15:08:59 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/09/15 23:14:26 | 000,000,013 | -H-- | C] () -- C:\ProgramData\1ÌØ13.sys
[2010/09/06 12:58:12 | 000,000,132 | ---- | C] () -- C:\Users\Michaela\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2010/08/17 10:43:11 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll
[2010/06/03 15:40:22 | 000,000,088 | RHS- | C] () -- C:\ProgramData\F58B9E3D83.sys
[2010/06/03 15:40:21 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/03/08 19:48:02 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009/12/25 12:37:00 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin
[2009/10/20 18:41:17 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/10/20 18:41:16 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/16 11:00:11 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sse1ml3.dll
[2009/08/14 12:16:00 | 000,270,336 | ---- | C] () -- C:\Windows\System32\SaMinDrv.dll
[2009/08/14 12:16:00 | 000,106,496 | ---- | C] () -- C:\Windows\System32\SaImgFlt.dll
[2009/08/14 12:16:00 | 000,090,112 | ---- | C] () -- C:\Windows\System32\SaSegFlt.dll
[2009/08/14 12:16:00 | 000,061,440 | ---- | C] () -- C:\Windows\System32\SaErHdlr.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/06 21:18:54 | 000,007,808 | ---- | C] () -- C:\Users\Michaela\AppData\Local\d3d9caps.dat
[2009/05/02 18:32:34 | 000,032,156 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/05/02 18:32:28 | 000,032,156 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/04/18 14:02:05 | 000,000,952 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2009/03/13 23:47:20 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/03/07 15:08:34 | 000,110,080 | ---- | C] () -- C:\Users\Michaela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/06 18:43:24 | 000,029,234 | ---- | C] () -- C:\Users\Michaela\AppData\Roaming\wklnhst.dat
[2009/01/10 04:18:51 | 000,000,248 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2009/01/10 03:45:31 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008/10/25 19:05:59 | 000,000,428 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2008/10/25 17:57:12 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2007/06/05 13:20:32 | 000,177,704 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006/11/02 13:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:44:53 | 006,493,240 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 11:33:01 | 000,604,520 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,107,796 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/09 10:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

========== LOP Check ==========

[2011/01/18 16:21:20 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\12Pay
[2009/12/07 18:00:46 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\aHisoft
[2011/05/19 23:23:27 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\AVG10
[2010/08/23 23:21:52 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\CoreFTP
[2010/12/28 20:43:04 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\Digiarty
[2010/02/11 16:23:40 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\Facebook
[2011/05/18 22:08:42 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\FileZilla
[2009/12/07 19:24:07 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\GetRightToGo
[2010/05/22 12:09:22 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\GrabPro
[2011/02/06 23:13:44 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\ImTOO
[2010/08/17 11:01:43 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\iolo
[2010/09/16 23:10:55 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\Jasc
[2009/03/28 17:01:20 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\muvee Technologies
[2010/09/25 16:33:14 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\Orbit
[2010/09/25 16:04:38 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\ProgSense
[2010/07/19 15:38:51 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\Research In Motion
[2010/08/09 14:36:54 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\SoftGrid Client
[2010/09/06 12:48:56 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2009/03/06 18:43:31 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\Template
[2010/06/16 14:38:16 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\TP
[2010/04/20 19:36:37 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2011/02/14 22:11:39 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\Visan
[2010/04/18 14:43:49 | 000,000,000 | ---D | M] -- C:\Users\Michaela\AppData\Roaming\Web Page Maker
[2011/05/20 22:55:22 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Edited by Michaela123, 21 May 2011 - 04:24 AM.
