Google redirect virus and rundll32 issues


  • This topic is locked

#1
Lazey

I am having two issues, not sure if they're related or not.

A couple days ago I noticed that when I go to shut down or restart, I get the "program not responding" box about rundll32. I have to click End Now every time.

And even more annoying, I've managed to get a redirect virus. Almost every time I search in Google, when I go to click on links I get sent to one of those spam sites; sometimes avast will stop it, saying it's being directed to an unsafe site. I tried different instructions for removing the Google redirect virus, but so far none of the scans have found what's causing it. It's a slippery worm and I've been trying to get rid of it for a couple hours.

Anyways, I ran OTL quickscan and here's what the log says:

OTL logfile created on: 9/7/2011 5:32:14 PM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Lacey Smith\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.88 Mb Total Physical Memory | 295.01 Mb Available Physical Memory | 29.10% Memory free
2.38 Gb Paging File | 1.81 Gb Available in Paging File | 76.14% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.05 Gb Total Space | 77.84 Gb Free Space | 54.80% Space Free | Partition Type: NTFS

Computer Name: ACER-330BB84976 | User Name: Lacey Smith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/07 17:20:55 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lacey Smith\Desktop\OTL.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/07/04 07:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 07:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/05/11 14:23:02 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/21 14:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2009/02/11 18:46:28 | 000,565,248 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2009/02/05 11:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2008/12/30 03:09:54 | 000,875,016 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008/10/14 11:15:08 | 000,032,768 | ---- | M] () -- C:\WINDOWS\WebCam\M3000\M3000Mnt.exe
PRC - [2008/04/15 20:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/04/15 20:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/07/13 13:33:14 | 000,053,248 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
PRC - [2006/07/13 13:22:50 | 000,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/07 04:43:50 | 001,386,496 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090700\algo.dll
MOD - [2011/09/05 04:17:50 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090700\aswRep.dll
MOD - [2011/05/22 13:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011/05/11 14:23:05 | 001,874,904 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/03/21 14:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 14:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/10/06 14:27:42 | 005,969,360 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2008/10/14 11:15:08 | 000,032,768 | ---- | M] () -- C:\WINDOWS\WebCam\M3000\M3000Mnt.exe
MOD - [2006/01/19 12:33:38 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXCZPP5C.DLL
MOD - [2003/06/07 01:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/07/04 07:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/02/05 11:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2008/04/15 20:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®


========== Driver Services (SafeList) ==========

DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/04 07:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 07:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 07:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 07:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 07:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 07:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 07:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/03/02 01:03:46 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009/02/25 20:17:52 | 001,344,224 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/02/24 04:49:44 | 005,032,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/02/03 02:42:30 | 000,162,816 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/01/02 18:33:54 | 000,145,408 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\M3000KNT.sys -- (M3000Srv)
DRV - [2008/08/05 08:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2007/06/27 09:05:52 | 000,053,184 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2007/06/27 09:04:14 | 000,071,488 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2006/11/02 09:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006/01/04 03:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...10&m=aspire_one
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...10&m=aspire_one

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...10&m=aspire_one
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 5B F9 F1 0C F2 0F E0 4B 85 85 43 C1 50 D5 8C 58 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:0.9
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: [email protected]:0.1
FF - prefs.js..extensions.enabledItems: [email protected]:0.1.2008d

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/03 17:26:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/11 14:23:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/11 14:23:26 | 000,000,000 | ---D | M]

[2010/04/01 15:42:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Extensions
[2010/04/01 15:42:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Extensions\[email protected]
[2011/09/07 15:28:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Firefox\Profiles\c9l4xwol.default\extensions
[2010/04/27 17:11:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Firefox\Profiles\c9l4xwol.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/09/07 16:10:44 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Firefox\Profiles\c9l4xwol.default\extensions\{ae544a9c-7f4c-469e-bf96-5c9053540de4}
[2011/04/02 19:16:13 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Firefox\Profiles\c9l4xwol.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/08/12 12:49:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/12 12:49:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Default Shot Palette) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (MSN-Smileys) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Blackened) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Depth) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Minimal) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/05/11 14:23:00 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/08/12 12:49:27 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/11 14:23:09 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/09/07 15:17:01 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [M3000Mnt] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [Corel Photo Downloader] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk = C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
O4 - Startup: C:\Documents and Settings\Lacey Smith\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.151.8.210 24.151.8.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A02DC451-2735-480A-98C2-245BC520EB57}: DhcpNameServer = 24.151.8.210 24.151.8.211
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Lacey Smith\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lacey Smith\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/12 01:07:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/07 17:20:48 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lacey Smith\Desktop\OTL.exe
[2011/09/07 16:51:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Application Data\Malwarebytes
[2011/09/07 16:51:42 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/09/07 16:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/07 16:51:36 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/09/07 16:46:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/07 16:46:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/09/07 15:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Desktop\GooredFix Backups
[2011/09/07 15:13:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/09/07 15:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2011/09/07 15:12:44 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/09/07 15:09:13 | 001,932,256 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Lacey Smith\Desktop\FixTDSS.exe
[2011/09/06 20:30:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/09/06 19:25:42 | 001,402,672 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Lacey Smith\Desktop\TDSSKiller.exe
[2011/09/04 14:16:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/09/03 17:27:53 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/09/03 17:27:53 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/09/03 17:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/09/03 17:27:49 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/09/03 17:27:48 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/09/03 17:27:48 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/09/03 17:27:47 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/09/03 17:27:47 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/09/03 17:27:47 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/09/03 17:26:51 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/09/03 17:26:50 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/09/03 17:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/09/03 17:26:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/09/03 16:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/09/03 16:30:53 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/09/03 16:28:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/09/03 16:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/09/02 20:05:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\My Documents\timesheet
[2011/08/24 16:23:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Barnes & Noble
[2011/08/20 18:39:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Application Data\Vulture
[2011/08/18 18:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Recorded Books
[2011/08/18 17:15:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Application Data\FileZilla
[2011/08/18 17:14:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileZilla FTP Client
[2011/08/18 17:14:43 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2011/08/12 17:30:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\My Documents\Town of Eastford
[2011/08/12 15:49:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Application Data\OpenOffice.org
[2011/08/12 15:28:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\My Documents\My imm Media
[2011/08/12 15:27:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ingram Media Manager
[2011/08/12 15:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Ingram Media Manager
[2011/08/12 12:54:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3
[2011/08/12 12:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2011/08/12 12:45:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Desktop\OpenOffice.org 3.3 (en-US) Installation Files
[2009/03/11 08:53:14 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\Interop.IWshRuntimeLibrary.dll
[1 C:\Documents and Settings\Lacey Smith\*.tmp files -> C:\Documents and Settings\Lacey Smith\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/07 17:20:55 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lacey Smith\Desktop\OTL.exe
[2011/09/07 17:16:19 | 001,402,672 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Lacey Smith\Desktop\TDSSKiller.exe
[2011/09/07 17:05:57 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/07 17:05:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/07 17:04:28 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\0148d9c7
[2011/09/07 17:02:09 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\e1952638
[2011/09/07 16:51:42 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/07 16:48:02 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/07 16:42:06 | 000,272,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/07 16:37:19 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Desktop\MBR.dat
[2011/09/07 15:36:29 | 000,002,276 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\f630ae3d
[2011/09/07 15:17:01 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/09/07 15:12:51 | 000,000,771 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/09/07 15:12:45 | 000,000,615 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Desktop\NTREGOPT.lnk
[2011/09/07 15:12:45 | 000,000,596 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Desktop\ERUNT.lnk
[2011/09/07 15:09:18 | 001,932,256 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Lacey Smith\Desktop\FixTDSS.exe
[2011/09/06 20:44:47 | 000,000,553 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\Shortcut to checked out.lnk
[2011/09/06 20:34:23 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2011/09/06 20:29:10 | 000,014,022 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\wklnhst.dat
[2011/09/06 20:29:05 | 000,006,656 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\checked out.wdb
[2011/09/03 17:27:53 | 000,001,693 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/09/03 17:27:48 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/09/03 15:44:44 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\8930d6c7
[2011/09/03 13:53:32 | 000,001,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/08/30 20:03:07 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/26 17:02:38 | 000,101,562 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\LaceySResume.pdf
[2011/08/25 16:58:59 | 000,019,885 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\LaceySResume.odt
[2011/08/25 01:27:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/24 16:23:20 | 000,000,877 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\NOOK for PC.lnk
[2011/08/20 16:58:11 | 000,013,691 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\corn cakes.odt
[2011/08/20 15:36:44 | 000,000,899 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Desktop\Shortcut to NetHackW.lnk
[2011/08/19 23:01:36 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/19 20:53:28 | 000,001,419 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Scrivener.lnk
[2011/08/19 15:56:51 | 000,000,663 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ingram Media Manager.lnk
[2011/08/18 18:52:01 | 000,001,965 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OneClickdigital Media Manager.lnk
[2011/08/18 17:14:55 | 000,001,667 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FileZilla Client.lnk
[2011/08/13 20:25:58 | 000,002,817 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\Kelton.csv
[2011/08/12 12:54:13 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk
[2011/08/12 00:09:55 | 000,495,960 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/12 00:09:55 | 000,085,668 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[1 C:\Documents and Settings\Lacey Smith\*.tmp files -> C:\Documents and Settings\Lacey Smith\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/07 16:51:42 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/07 16:37:19 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Desktop\MBR.dat
[2011/09/07 15:12:51 | 000,000,771 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/09/07 15:12:45 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Desktop\NTREGOPT.lnk
[2011/09/07 15:12:45 | 000,000,596 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Desktop\ERUNT.lnk
[2011/09/06 20:44:47 | 000,000,553 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\Shortcut to checked out.lnk
[2011/09/06 20:34:21 | 000,001,457 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk
[2011/09/03 17:27:53 | 000,001,693 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/09/03 16:00:05 | 000,002,276 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Application Data\f630ae3d
[2011/09/03 14:44:44 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Application Data\8930d6c7
[2011/09/02 18:52:32 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Application Data\e1952638
[2011/09/02 18:49:11 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Application Data\0148d9c7
[2011/08/26 17:02:36 | 000,101,562 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\LaceySResume.pdf
[2011/08/25 16:58:58 | 000,019,885 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\LaceySResume.odt
[2011/08/24 16:23:20 | 000,000,877 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\NOOK for PC.lnk
[2011/08/20 16:58:10 | 000,013,691 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\corn cakes.odt
[2011/08/19 20:53:28 | 000,001,419 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Scrivener.lnk
[2011/08/18 18:52:01 | 000,001,965 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OneClickdigital Media Manager.lnk
[2011/08/18 17:14:55 | 000,001,667 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FileZilla Client.lnk
[2011/08/12 16:04:25 | 000,002,817 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\Kelton.csv
[2011/08/12 15:27:26 | 000,000,663 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ingram Media Manager.lnk
[2011/08/12 12:54:13 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk
[2011/08/11 15:59:58 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/04 16:57:40 | 001,029,734 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1809832699-1238661117-741939197-1005-0.dat
[2011/08/04 16:57:31 | 000,303,042 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/07/30 20:03:17 | 000,000,092 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2011/07/30 20:03:14 | 000,000,270 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2011/07/30 20:02:39 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2011/07/30 20:02:34 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\LEXPING.EXE
[2011/07/30 20:02:33 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE
[2011/07/30 20:02:02 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2010/07/01 20:59:34 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\EC3C4AFDC0.sys
[2010/07/01 20:59:32 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2010/04/11 14:53:34 | 000,014,022 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Application Data\wklnhst.dat
[2010/04/04 21:17:13 | 000,080,896 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/01 18:23:24 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\M3000DIF.dll
[2010/04/01 18:23:24 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\M3000KNT.sys
[2010/04/01 18:23:24 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M3000Twn.ini
[2010/04/01 18:23:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS\AutosetFrequency.exe
[2010/04/01 18:23:19 | 000,000,639 | ---- | C] () -- C:\WINDOWS\AutoSetFrequency.ini
[2010/04/01 15:37:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/03/12 02:47:07 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/03/12 01:56:32 | 000,090,772 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtConvEQ.DAT
[2009/03/12 01:56:32 | 000,000,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtHdatEx.dat
[2009/03/12 01:56:32 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX2.dat
[2009/03/12 01:56:32 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2009/03/12 01:56:32 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2009/03/12 01:56:32 | 000,000,164 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2009/03/12 01:56:32 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2009/03/12 01:55:36 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/03/12 01:10:15 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMove.exe
[2009/03/12 01:10:15 | 000,006,782 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/03/12 01:09:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/03/12 01:06:10 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/03/12 01:05:25 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2009/03/11 17:03:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/03/11 17:02:48 | 000,272,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/11 08:53:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\LauncheRyDiscCalc.exe
[2009/03/11 08:53:06 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/03/11 08:53:05 | 000,495,960 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/11 08:53:05 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/03/11 08:53:05 | 000,085,668 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/11 08:53:05 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/03/11 08:53:04 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/03/11 08:53:04 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/03/11 08:53:04 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/03/11 08:53:02 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/03/11 08:53:02 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/03/11 08:52:59 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/03/11 08:52:57 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

========== LOP Check ==========

[2009/03/12 02:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acer GameZone Console
[2011/09/03 17:26:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/09/03 17:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/09/03 16:30:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/12 02:31:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSobi
[2011/09/03 17:15:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/08/19 16:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OCD FILES
[2011/08/19 21:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OCDInfo
[2011/08/11 11:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OCDTemp
[2010/05/30 21:17:25 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Lacey Smith\Application Data\.#
[2011/07/21 18:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\.purple
[2009/03/12 02:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Acer
[2009/03/12 02:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Acer GameZone Console
[2010/09/12 23:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Amazon
[2010/12/01 13:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Barnes & Noble
[2011/08/24 15:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\FileZilla
[2010/04/01 15:42:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Greyfirst
[2011/08/12 15:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\OpenOffice.org
[2010/08/24 19:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\OverDrive
[2011/07/29 18:06:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\SmartDraw
[2009/03/12 02:27:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Super-Cow
[2011/06/22 23:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Template
[2011/08/20 18:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Vulture

========== Purity Check ==========



< End of report >

Hopefully someone can help me with this.


#2
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi and welcome to GeeksToGo! Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out :)

Redirects are evident using both browsers - Internet Explorer and FireFox?

Do you use a router and are any other computers using it experiencing the same redirects?

Step 1

GMER Rootkit Scanner

  • Download GMER from HERE.
  • Extract the contents of zipped file to your desktop.
  • Double click GMER.exe.

  • If it gives you a warning about rootkit activity and asks if you want to run a full scan, click on NO, then use the following settings for a more complete scan.
  • In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED:
      • IAT/EAT
      • Drives/Partition other than Systemdrive (typically C:\)
      • Show All (don't miss this one)

NOTE - Not all of the tick boxes will be available if you are running a 64bit Operating System. You may also get an error message display on the screen when using a 64bit Operating System, this is normal, just click on OK and let it carry on.


  • Then click the Scan button & wait for it to finish.
  • Once done click on the [Save..] button, and in the File name area, type in "ark.txt"
  • Save the log where you can easily find it, such as your desktop.
  • Please copy and paste the report into your Post.

Caution - Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.

Step 2

Delete your copy of OTL.exe from your Desktop.

OTL Custom Scan

  • Download OTL to your desktop.
  • Double click on the OTL icon to run it.
  • Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top, make sure Standard output is selected.
  • Select Scan all users
  • Under the Extra Registry section, check Use SafeList
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scans/Fixes box copy and paste this in:

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT
  • Click the scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

When you have completed the above, please post back the following in the order asked for:
  • ark.txt
  • OTL scan log
  • Extras log


#3
Lazey

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
It seems to only affect Google searches through Firefox. Explorer and Google Chrome are fine. Could it be as simple as getting rid of and reinstalling Firefox?

I usually get online at a cafe, password protected connection, as far as I know no one else has the virus.

Er, the log files are too long/big to post/attach. Sorry for multi posting.

Edit- I'll try to post them tomorrow.

Edited by Lazey, 07 September 2011 - 05:12 PM.


#4
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
OK. If you cannot post them, please proceed with aswMBR. It will produce a short log.

  • Please download aswMBR.exe to your desktop.
  • Double click the aswMBR.exe to run it.

  • When asked if you want to download Avast's virus definitions please select No.
  • Click the Scan button to start scan.

  • On completion of the scan click Save log, save it to your desktop and post in your next reply.


#5
Lazey

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Here it is:

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-09-07 16:27:41
-----------------------------
16:27:41.328 OS Version: Windows 5.1.2600 Service Pack 3
16:27:41.328 Number of processors: 2 586 0x1C02
16:27:41.328 ComputerName: ACER-330BB84976 UserName: Lacey Smith
16:27:43.031 Initialize success
16:27:44.156 AVAST engine defs: 11090700
16:27:49.921 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
16:27:49.937 Disk 0 Vendor: Hitachi_ FB2O Size: 152627MB BusType: 3
16:27:50.031 Disk 0 MBR read successfully
16:27:50.046 Disk 0 MBR scan
16:27:50.078 Disk 0 Windows VISTA default MBR code
16:27:50.109 Disk 0 scanning sectors +312578048
16:27:50.218 Disk 0 scanning C:\WINDOWS\system32\drivers
16:28:00.515 Service scanning
16:28:02.093 Modules scanning
16:28:13.218 Disk 0 trace - called modules:
16:28:13.281 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
16:28:13.296 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f30570]
16:28:13.312 3 CLASSPNP.SYS[f78bdfd7] -> nt!IofCallDriver -> \Device\00000091[0x86f75200]
16:28:13.328 5 ACPI.sys[f77b4620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86f5a030]
16:28:14.718 AVAST engine scan C:\WINDOWS
16:28:30.453 AVAST engine scan C:\WINDOWS\system32
16:30:33.296 AVAST engine scan C:\WINDOWS\system32\drivers
16:30:49.765 AVAST engine scan C:\Documents and Settings\Lacey Smith
16:35:45.328 AVAST engine scan C:\Documents and Settings\All Users
16:36:20.781 Scan finished successfully
16:37:19.718 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Lacey Smith\Desktop\MBR.dat"
16:37:19.750 The log file has been saved successfully to "C:\Documents and Settings\Lacey Smith\Desktop\aswMBR.txt"


aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-09-08 14:02:09
-----------------------------
14:02:09.750 OS Version: Windows 5.1.2600 Service Pack 3
14:02:09.750 Number of processors: 2 586 0x1C02
14:02:09.750 ComputerName: ACER-330BB84976 UserName: Lacey Smith
14:02:22.781 Initialize success
14:02:23.656 AVAST engine defs: 11090801
14:02:48.437 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
14:02:48.437 Disk 0 Vendor: Hitachi_ FB2O Size: 152627MB BusType: 3
14:02:48.484 Disk 0 MBR read successfully
14:02:48.500 Disk 0 MBR scan
14:02:48.515 Disk 0 Windows VISTA default MBR code
14:02:48.546 Disk 0 scanning sectors +312578048
14:02:48.671 Disk 0 scanning C:\WINDOWS\system32\drivers
14:02:59.125 Service scanning
14:03:00.875 Modules scanning
14:03:11.156 Disk 0 trace - called modules:
14:03:11.171 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
14:03:11.171 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f67ab8]
14:03:11.171 3 CLASSPNP.SYS[f78bdfd7] -> nt!IofCallDriver -> \Device\00000092[0x86f741a8]
14:03:11.187 5 ACPI.sys[f77b4620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86f6e030]
14:03:11.984 AVAST engine scan C:\WINDOWS
14:03:26.781 AVAST engine scan C:\WINDOWS\system32
14:05:31.015 AVAST engine scan C:\WINDOWS\system32\drivers
14:05:47.218 AVAST engine scan C:\Documents and Settings\Lacey Smith
14:11:28.781 AVAST engine scan C:\Documents and Settings\All Users
14:12:05.078 Scan finished successfully
14:12:57.046 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Lacey Smith\Desktop\MBR.dat"
14:12:57.093 The log file has been saved successfully to "C:\Documents and Settings\Lacey Smith\Desktop\aswMBR.txt"

#6
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
MBR is looking healthy. Please try one more time with OTL scan and post or attach log files.

OTL Custom Scan

  • Download OTL to your desktop.
  • Double click on the OTL icon to run it.
  • Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top, make sure Standard output is selected.
  • Select Scan all users
  • Under the Extra Registry section, check Use SafeList
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scans/Fixes box copy and paste this in:

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    volsnap.sys
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT
  • Click the scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic


#7
Lazey

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Ok

OTL logfile created on: 9/8/2011 2:41:38 PM - Run 3
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Lacey Smith\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.88 Mb Total Physical Memory | 305.16 Mb Available Physical Memory | 30.10% Memory free
2.38 Gb Paging File | 1.82 Gb Available in Paging File | 76.24% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.05 Gb Total Space | 77.64 Gb Free Space | 54.66% Space Free | Partition Type: NTFS

Computer Name: ACER-330BB84976 | User Name: Lacey Smith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/08 14:39:40 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lacey Smith\My Documents\Downloads\OTL.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/07/04 07:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 07:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/05/11 14:23:02 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/21 14:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2009/02/11 18:46:28 | 000,565,248 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2009/02/05 11:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2008/12/30 03:09:54 | 000,875,016 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008/10/14 11:15:08 | 000,032,768 | ---- | M] () -- C:\WINDOWS\WebCam\M3000\M3000Mnt.exe
PRC - [2008/04/15 20:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/04/15 20:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/07/13 13:33:14 | 000,053,248 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
PRC - [2006/07/13 13:22:50 | 000,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/08 05:18:20 | 001,556,480 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090801\algo.dll
MOD - [2011/09/07 19:52:20 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090801\aswRep.dll
MOD - [2011/09/07 04:43:50 | 001,386,496 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090700\algo.dll
MOD - [2011/09/05 04:17:50 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090700\aswRep.dll
MOD - [2011/05/22 13:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011/05/11 14:23:05 | 001,874,904 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/03/21 14:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 14:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/10/06 14:27:42 | 005,969,360 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2008/10/14 11:15:08 | 000,032,768 | ---- | M] () -- C:\WINDOWS\WebCam\M3000\M3000Mnt.exe
MOD - [2006/01/19 12:33:38 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXCZPP5C.DLL
MOD - [2003/06/07 01:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/07/04 07:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/02/05 11:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2008/04/15 20:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®


========== Driver Services (SafeList) ==========

DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/04 07:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 07:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 07:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 07:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 07:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 07:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 07:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/03/02 01:03:46 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009/02/25 20:17:52 | 001,344,224 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/02/24 04:49:44 | 005,032,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/02/03 02:42:30 | 000,162,816 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/01/02 18:33:54 | 000,145,408 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\M3000KNT.sys -- (M3000Srv)
DRV - [2008/08/05 08:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2007/06/27 09:05:52 | 000,053,184 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2007/06/27 09:04:14 | 000,071,488 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2006/11/02 09:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006/01/04 03:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...10&m=aspire_one
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...10&m=aspire_one


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 5B F9 F1 0C F2 0F E0 4B 85 85 43 C1 50 D5 8C 58 [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 5B F9 F1 0C F2 0F E0 4B 85 85 43 C1 50 D5 8C 58 [binary data]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 5B F9 F1 0C F2 0F E0 4B 85 85 43 C1 50 D5 8C 58 [binary data]

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 5B F9 F1 0C F2 0F E0 4B 85 85 43 C1 50 D5 8C 58 [binary data]

IE - HKU\S-1-5-21-1809832699-1238661117-741939197-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...10&m=aspire_one
IE - HKU\S-1-5-21-1809832699-1238661117-741939197-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1809832699-1238661117-741939197-1005\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 5B F9 F1 0C F2 0F E0 4B 85 85 43 C1 50 D5 8C 58 [binary data]
IE - HKU\S-1-5-21-1809832699-1238661117-741939197-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:0.9
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: [email protected]:0.1
FF - prefs.js..extensions.enabledItems: [email protected]:0.1.2008d

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/03 17:26:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/11 14:23:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/11 14:23:26 | 000,000,000 | ---D | M]

[2010/04/01 15:42:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Extensions
[2010/04/01 15:42:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Extensions\[email protected]
[2011/09/07 15:28:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Firefox\Profiles\c9l4xwol.default\extensions
[2010/04/27 17:11:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Firefox\Profiles\c9l4xwol.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/09/07 16:10:44 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Firefox\Profiles\c9l4xwol.default\extensions\{ae544a9c-7f4c-469e-bf96-5c9053540de4}
[2011/04/02 19:16:13 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Firefox\Profiles\c9l4xwol.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/08/12 12:49:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/12 12:49:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Default Shot Palette) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (MSN-Smileys) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Blackened) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Depth) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Minimal) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/05/11 14:23:00 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/08/12 12:49:27 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/11 14:23:09 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/09/07 15:17:01 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [M3000Mnt] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-1809832699-1238661117-741939197-1005..\Run: [Corel Photo Downloader] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk = C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
O4 - Startup: C:\Documents and Settings\Lacey Smith\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1809832699-1238661117-741939197-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.151.8.210 24.151.8.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A02DC451-2735-480A-98C2-245BC520EB57}: DhcpNameServer = 24.151.8.210 24.151.8.211
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Lacey Smith\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lacey Smith\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/12 01:07:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/09/07 18:33:11 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lacey Smith\Desktop\OTL.exe
[2011/09/07 16:51:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Application Data\Malwarebytes
[2011/09/07 16:51:42 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/09/07 16:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/07 16:51:36 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/09/07 16:46:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/07 16:46:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/09/07 15:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Desktop\GooredFix Backups
[2011/09/07 15:13:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/09/07 15:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2011/09/07 15:12:44 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/09/07 15:09:13 | 001,932,256 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Lacey Smith\Desktop\FixTDSS.exe
[2011/09/06 20:30:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/09/06 19:25:42 | 001,402,672 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Lacey Smith\Desktop\TDSSKiller.exe
[2011/09/04 14:16:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/09/03 17:27:53 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/09/03 17:27:53 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/09/03 17:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/09/03 17:27:49 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/09/03 17:27:48 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/09/03 17:27:48 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/09/03 17:27:47 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/09/03 17:27:47 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/09/03 17:27:47 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/09/03 17:26:51 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/09/03 17:26:50 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/09/03 17:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/09/03 17:26:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/09/03 16:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/09/03 16:30:53 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/09/03 16:28:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/09/03 16:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/09/02 20:05:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\My Documents\timesheet
[2011/08/24 16:23:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Barnes & Noble
[2011/08/20 18:39:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Application Data\Vulture
[2011/08/18 18:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Recorded Books
[2011/08/18 17:15:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Application Data\FileZilla
[2011/08/18 17:14:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileZilla FTP Client
[2011/08/18 17:14:43 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2011/08/12 17:30:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\My Documents\Town of Eastford
[2011/08/12 15:49:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Application Data\OpenOffice.org
[2011/08/12 15:28:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\My Documents\My imm Media
[2011/08/12 15:27:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ingram Media Manager
[2011/08/12 15:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Ingram Media Manager
[2011/08/12 12:54:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3
[2011/08/12 12:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2011/08/12 12:49:50 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/08/12 12:49:50 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/08/12 12:49:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/08/12 12:49:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/08/12 12:45:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Desktop\OpenOffice.org 3.3 (en-US) Installation Files
[2009/03/11 08:53:14 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\Interop.IWshRuntimeLibrary.dll
[1 C:\Documents and Settings\Lacey Smith\*.tmp files -> C:\Documents and Settings\Lacey Smith\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/08 14:48:05 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/08 14:12:57 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Desktop\MBR.dat
[2011/09/08 13:59:20 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/08 13:59:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/07 18:33:18 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lacey Smith\Desktop\OTL.exe
[2011/09/07 17:16:19 | 001,402,672 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Lacey Smith\Desktop\TDSSKiller.exe
[2011/09/07 17:04:28 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\0148d9c7
[2011/09/07 17:02:09 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\e1952638
[2011/09/07 16:51:42 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/07 16:42:06 | 000,272,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/07 15:36:29 | 000,002,276 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\f630ae3d
[2011/09/07 15:17:01 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/09/07 15:12:51 | 000,000,771 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/09/07 15:12:45 | 000,000,615 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Desktop\NTREGOPT.lnk
[2011/09/07 15:12:45 | 000,000,596 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Desktop\ERUNT.lnk
[2011/09/07 15:09:18 | 001,932,256 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Lacey Smith\Desktop\FixTDSS.exe
[2011/09/06 20:44:47 | 000,000,553 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\Shortcut to checked out.lnk
[2011/09/06 20:34:23 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2011/09/06 20:29:10 | 000,014,022 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\wklnhst.dat
[2011/09/06 20:29:05 | 000,006,656 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\checked out.wdb
[2011/09/03 17:27:53 | 000,001,693 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/09/03 17:27:48 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/09/03 15:44:44 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\8930d6c7
[2011/09/03 13:53:32 | 000,001,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/09/03 06:17:37 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/08/30 20:03:07 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/26 17:02:38 | 000,101,562 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\LaceySResume.pdf
[2011/08/25 16:58:59 | 000,019,885 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\LaceySResume.odt
[2011/08/25 01:27:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/24 16:23:20 | 000,000,877 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\NOOK for PC.lnk
[2011/08/20 16:58:11 | 000,013,691 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\corn cakes.odt
[2011/08/20 15:36:44 | 000,000,899 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Desktop\Shortcut to NetHackW.lnk
[2011/08/19 23:01:36 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/19 20:53:28 | 000,001,419 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Scrivener.lnk
[2011/08/19 15:56:51 | 000,000,663 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ingram Media Manager.lnk
[2011/08/18 18:52:01 | 000,001,965 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OneClickdigital Media Manager.lnk
[2011/08/18 17:14:55 | 000,001,667 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FileZilla Client.lnk
[2011/08/13 20:25:58 | 000,002,817 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\Kelton.csv
[2011/08/12 12:54:13 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk
[2011/08/12 12:49:21 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/08/12 12:49:21 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/08/12 12:49:21 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/08/12 12:49:21 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/08/12 12:49:18 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/08/12 00:09:55 | 000,495,960 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/12 00:09:55 | 000,085,668 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[1 C:\Documents and Settings\Lacey Smith\*.tmp files -> C:\Documents and Settings\Lacey Smith\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/07 16:51:42 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/07 16:37:19 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Desktop\MBR.dat
[2011/09/07 15:12:51 | 000,000,771 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/09/07 15:12:45 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Desktop\NTREGOPT.lnk
[2011/09/07 15:12:45 | 000,000,596 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Desktop\ERUNT.lnk
[2011/09/06 20:44:47 | 000,000,553 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\Shortcut to checked out.lnk
[2011/09/06 20:34:21 | 000,001,457 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk
[2011/09/03 17:27:53 | 000,001,693 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/09/03 16:00:05 | 000,002,276 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Application Data\f630ae3d
[2011/09/03 14:44:44 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Application Data\8930d6c7
[2011/09/02 18:52:32 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Application Data\e1952638
[2011/09/02 18:49:11 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Application Data\0148d9c7
[2011/08/26 17:02:36 | 000,101,562 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\LaceySResume.pdf
[2011/08/25 16:58:58 | 000,019,885 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\LaceySResume.odt
[2011/08/24 16:23:20 | 000,000,877 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\NOOK for PC.lnk
[2011/08/20 16:58:10 | 000,013,691 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\corn cakes.odt
[2011/08/19 20:53:28 | 000,001,419 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Scrivener.lnk
[2011/08/18 18:52:01 | 000,001,965 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OneClickdigital Media Manager.lnk
[2011/08/18 17:14:55 | 000,001,667 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FileZilla Client.lnk
[2011/08/12 16:04:25 | 000,002,817 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\Kelton.csv
[2011/08/12 15:27:26 | 000,000,663 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ingram Media Manager.lnk
[2011/08/12 12:54:13 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk
[2011/08/11 15:59:58 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/04 16:57:40 | 001,029,734 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1809832699-1238661117-741939197-1005-0.dat
[2011/08/04 16:57:31 | 000,303,042 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/07/30 20:03:17 | 000,000,092 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2011/07/30 20:03:14 | 000,000,270 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2011/07/30 20:02:39 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2011/07/30 20:02:34 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\LEXPING.EXE
[2011/07/30 20:02:33 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE
[2011/07/30 20:02:02 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2010/07/01 20:59:34 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\EC3C4AFDC0.sys
[2010/07/01 20:59:32 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2010/04/11 14:53:34 | 000,014,022 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Application Data\wklnhst.dat
[2010/04/04 21:17:13 | 000,080,896 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/01 18:23:24 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\M3000DIF.dll
[2010/04/01 18:23:24 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\M3000KNT.sys
[2010/04/01 18:23:24 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M3000Twn.ini
[2010/04/01 18:23:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS\AutosetFrequency.exe
[2010/04/01 18:23:19 | 000,000,639 | ---- | C] () -- C:\WINDOWS\AutoSetFrequency.ini
[2010/04/01 15:37:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/03/12 02:47:07 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/03/12 01:56:32 | 000,090,772 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtConvEQ.DAT
[2009/03/12 01:56:32 | 000,000,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtHdatEx.dat
[2009/03/12 01:56:32 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX2.dat
[2009/03/12 01:56:32 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2009/03/12 01:56:32 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2009/03/12 01:56:32 | 000,000,164 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2009/03/12 01:56:32 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2009/03/12 01:55:36 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/03/12 01:10:15 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMove.exe
[2009/03/12 01:10:15 | 000,006,782 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/03/12 01:09:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/03/12 01:06:10 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/03/12 01:05:25 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2009/03/11 17:03:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/03/11 17:02:48 | 000,272,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/11 08:53:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\LauncheRyDiscCalc.exe
[2009/03/11 08:53:06 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/03/11 08:53:05 | 000,495,960 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/11 08:53:05 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/03/11 08:53:05 | 000,085,668 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/11 08:53:05 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/03/11 08:53:04 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/03/11 08:53:04 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/03/11 08:53:04 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/03/11 08:53:02 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/03/11 08:53:02 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/03/11 08:52:59 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/03/11 08:52:57 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

========== LOP Check ==========

[2009/03/12 02:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Acer
[2009/03/12 02:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Acer GameZone Console
[2009/03/12 02:27:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Super-Cow
[2009/03/12 02:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acer GameZone Console
[2011/09/03 17:26:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/09/03 17:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/09/03 16:30:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/12 02:31:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSobi
[2011/09/03 17:15:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/08/19 16:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OCD FILES
[2011/08/19 21:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OCDInfo
[2011/08/11 11:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OCDTemp
[2009/03/12 02:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Acer
[2009/03/12 02:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Acer GameZone Console
[2009/03/12 02:27:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Super-Cow
[2010/05/30 21:17:25 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Lacey Smith\Application Data\.#
[2011/07/21 18:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\.purple
[2009/03/12 02:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Acer
[2009/03/12 02:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Acer GameZone Console
[2010/09/12 23:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Amazon
[2010/12/01 13:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Barnes & Noble
[2011/08/24 15:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\FileZilla
[2010/04/01 15:42:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Greyfirst
[2011/08/12 15:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\OpenOffice.org
[2010/08/24 19:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\OverDrive
[2011/07/29 18:06:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\SmartDraw
[2009/03/12 02:27:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Super-Cow
[2011/06/22 23:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Template
[2011/08/20 18:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Vulture
[2010/04/01 15:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/14 08:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 08:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/04/14 08:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 08:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: VOLSNAP.SYS >
[2008/04/14 08:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\dllcache\volsnap.sys
[2008/04/14 08:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\drivers\volsnap.sys

< MD5 for: WINLOGON.EXE >
[2008/04/14 08:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 08:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/05/11 14:23:11 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/05/11 14:23:11 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/05/11 14:23:11 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/05/11 14:23:02 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/05/11 14:23:02 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/05/11 14:23:02 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/06/21 07:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/06/21 07:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/06/21 07:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/06/20 07:29:11 | 000,634,648 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/05/11 14:23:11 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/05/11 14:23:11 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/05/11 14:23:11 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/05/11 14:23:02 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/05/11 14:23:02 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/05/11 14:23:02 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/06/21 07:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/06/21 07:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/06/21 07:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/06/20 07:29:11 | 000,634,648 | ---- | M] (Microsoft Corporation)

< End of report >

OTL Extras logfile created on: 9/8/2011 2:41:38 PM - Run 3
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Lacey Smith\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.88 Mb Total Physical Memory | 305.16 Mb Available Physical Memory | 30.10% Memory free
2.38 Gb Paging File | 1.82 Gb Available in Paging File | 76.24% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.05 Gb Total Space | 77.64 Gb Free Space | 54.66% Space Free | Partition Type: NTFS

Computer Name: ACER-330BB84976 | User Name: Lacey Smith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1809832699-1238661117-741939197-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1707FF35-300D-4C78-A94A-2E3D515F6DB3}" = Ingram Media Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 22
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{56A648C2-D185-46A9-BBFF-78AE7A503000}" = WebCam
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11198580}" = Fizzball
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115329757}" = Jewelleria
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = USB2.0 Card Reader Software
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4AFC7AD-F637-4EDD-BC76-767E4AF78CE1}" = OverDrive Media Console
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E6C6B88F-3A71-4125-9839-0043F7EC1AE6}" = OneClickdigital Media Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"00BD1CD47675C125126C80095FCC12CFA4D311DB" = Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04)
"7-Zip 9.20" = 7-Zip 9.20
"A622B79B943ECA1F0AECF1FF5BE13D458F345EBB" = Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04)
"Acer Screensaver" = Acer ScreenSaver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast" = avast! Free Antivirus
"BN_DesktopReader" = NOOK for PC
"Celtx (2.9)" = Celtx (2.9)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Setup.divx.com" = DivX Setup
"ERUNT_is1" = ERUNT 1.1j
"FileZilla Client" = FileZilla Client 3.5.0
"FLV Player" = FLV Player 2.0 (build 25)
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HDMI" = Intel® Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"Lexmark 1200 Series" = Lexmark 1200 Series
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Pidgin" = Pidgin
"Scrivener 029" = Scrivener
"Sleeptracker Pro 1.0.2_is1" = Sleeptracker Pro 1.0.2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.0.1
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/4/2011 1:45:10 PM | Computer Name = ACER-330BB84976 | Source = MsiInstaller | ID = 11706
Description = Product: PureHD -- Error 1706.No valid source could be found for product
PureHD. The Windows Installer cannot continue.

Error - 9/4/2011 1:45:11 PM | Computer Name = ACER-330BB84976 | Source = MsiInstaller | ID = 11706
Description = Product: VIO -- Error 1706.No valid source could be found for product
VIO. The Windows Installer cannot continue.

Error - 9/4/2011 1:45:11 PM | Computer Name = ACER-330BB84976 | Source = MsiInstaller | ID = 11706
Description = Product: PSPH10Pro -- Error 1706.No valid source could be found for
product PSPH10Pro. The Windows Installer cannot continue.

Error - 9/4/2011 1:45:12 PM | Computer Name = ACER-330BB84976 | Source = MsiInstaller | ID = 11706
Description = Product: Corel PaintShop Photo Pro X3 -- Error 1706.No valid source
could be found for product Corel PaintShop Photo Pro X3. The Windows Installer
cannot continue.

Error - 9/4/2011 1:45:13 PM | Computer Name = ACER-330BB84976 | Source = MsiInstaller | ID = 11706
Description = Product: Share -- Error 1706.No valid source could be found for product
Share. The Windows Installer cannot continue.

Error - 9/4/2011 1:45:13 PM | Computer Name = ACER-330BB84976 | Source = MsiInstaller | ID = 11706
Description = Product: Contents -- Error 1706.No valid source could be found for
product Contents. The Windows Installer cannot continue.

Error - 9/4/2011 1:45:13 PM | Computer Name = ACER-330BB84976 | Source = MsiInstaller | ID = 11706
Description = Product: PSPPContent -- Error 1706.No valid source could be found
for product PSPPContent. The Windows Installer cannot continue.

Error - 9/4/2011 1:45:14 PM | Computer Name = ACER-330BB84976 | Source = MsiInstaller | ID = 11706
Description = Product: PSPPRO_DCRAW -- Error 1706.No valid source could be found
for product PSPPRO_DCRAW. The Windows Installer cannot continue.

Error - 9/4/2011 1:45:14 PM | Computer Name = ACER-330BB84976 | Source = MsiInstaller | ID = 11706
Description = Product: IPM_PSP_Pro -- Error 1706.No valid source could be found
for product IPM_PSP_Pro. The Windows Installer cannot continue.

Error - 9/4/2011 1:45:14 PM | Computer Name = ACER-330BB84976 | Source = MsiInstaller | ID = 11706
Description = Product: ICA -- Error 1706.No valid source could be found for product
ICA. The Windows Installer cannot continue.

[ System Events ]
Error - 9/5/2011 11:43:21 AM | Computer Name = ACER-330BB84976 | Source = Service Control Manager | ID = 7001
Description = The Fax service depends on the Print Spooler service which failed
to start because of the following error: %%1068

Error - 9/5/2011 11:43:21 AM | Computer Name = ACER-330BB84976 | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31

Error - 9/5/2011 11:43:21 AM | Computer Name = ACER-330BB84976 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Aavmker4 AFD aswRdr aswSnx aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss
Tcpip

Error - 9/6/2011 7:56:54 PM | Computer Name = ACER-330BB84976 | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 9/7/2011 3:16:57 PM | Computer Name = ACER-330BB84976 | Source = Service Control Manager | ID = 7034
Description = The LexBce Server service terminated unexpectedly. It has done this
1 time(s).

Error - 9/7/2011 3:16:57 PM | Computer Name = ACER-330BB84976 | Source = Service Control Manager | ID = 7034
Description = The Intel® Matrix Storage Event Monitor service terminated unexpectedly.
It has done this 1 time(s).

Error - 9/7/2011 3:16:58 PM | Computer Name = ACER-330BB84976 | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).

Error - 9/7/2011 3:16:59 PM | Computer Name = ACER-330BB84976 | Source = Service Control Manager | ID = 7034
Description = The Raw Socket Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 9/7/2011 4:12:32 PM | Computer Name = ACER-330BB84976 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p
asc3550
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde

Error - 9/7/2011 5:06:02 PM | Computer Name = ACER-330BB84976 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p
asc3550
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde


< End of report >

#8
Render


    Trusted Helper

  • Malware Removal
  • 4,195 posts
Please follow the steps below:

Step 1

Please download GooredFix from one of the locations below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

Step 2

Malwarebytes' Anti-Malware

I see that you have Malwarebytes' Anti-Malware installed on your computer. Could you please do a scan using these settings:

  • Open Malwarebytes' Anti-Malware.
  • Select the Update tab.
  • Click on Check for Updates button.
  • Click on OK.
  • Select the Scanner tab.
  • Select Perform quick scan, then click on Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 3

OTL Custom Scan

  • Double-click on the OTL icon to run it.
  • Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top, make sure Standard output is selected.
  • Select Scan all users
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scans/Fixes box copy and paste this in:

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT
  • Click the Posted Image button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open OTL.Txt in Notepad window.
  • Please copy (Edit->Select All, Edit->Copy) the content of this file and post it with your next reply.

When you have completed the above, please post back the following in the order asked for:
  • GooredFix.txt
  • MBAM log
  • OTL scan log


#9
Lazey


    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Here goes:

GooredFix by jpshortstuff (03.07.10.1)
Log created at 16:00 on 08/09/2011 (Lacey Smith)
Firefox version 4.0.1 (en-US)

========== GooredScan ==========

Deleting "C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Firefox\Profiles\c9l4xwol.default\extensions\{ae544a9c-7f4c-469e-bf96-5c9053540de4}" -> Success!

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [19:37 01/04/2010]
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [19:55 04/04/2010]
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [16:49 12/08/2011]

C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Firefox\Profiles\c9l4xwol.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b} [21:11 27/04/2010]
{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [23:16 02/04/2011]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [03:32 06/04/2010]
"[email protected]"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [16:49 12/08/2011]
"[email protected]"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [21:26 03/09/2011]

---------- Old Logs ----------
GooredFix[19.27.06_07-09-2011].txt

-=E.O.F=-

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7679

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

9/8/2011 4:07:53 PM
mbam-log-2011-09-08 (16-07-53).txt

Scan type: Quick scan
Objects scanned: 170684
Time elapsed: 5 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

OTL logfile created on: 9/8/2011 4:10:40 PM - Run 4
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Lacey Smith\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.88 Mb Total Physical Memory | 470.88 Mb Available Physical Memory | 46.44% Memory free
2.38 Gb Paging File | 1.99 Gb Available in Paging File | 83.64% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.05 Gb Total Space | 77.60 Gb Free Space | 54.63% Space Free | Partition Type: NTFS

Computer Name: ACER-330BB84976 | User Name: Lacey Smith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/07 18:33:18 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lacey Smith\Desktop\OTL.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/07/04 07:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 07:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/03/21 14:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2009/02/11 18:46:28 | 000,565,248 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2009/02/05 11:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2008/12/30 03:09:54 | 000,875,016 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008/10/14 11:15:08 | 000,032,768 | ---- | M] () -- C:\WINDOWS\WebCam\M3000\M3000Mnt.exe
PRC - [2008/04/15 20:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/04/15 20:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/07/13 13:33:14 | 000,053,248 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
PRC - [2006/07/13 13:22:50 | 000,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/08 05:18:20 | 001,556,480 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090801\algo.dll
MOD - [2011/09/07 19:52:20 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090801\aswRep.dll
MOD - [2011/09/07 04:43:50 | 001,386,496 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090700\algo.dll
MOD - [2011/09/05 04:17:50 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090700\aswRep.dll
MOD - [2011/05/22 13:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011/03/21 14:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 14:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2008/10/14 11:15:08 | 000,032,768 | ---- | M] () -- C:\WINDOWS\WebCam\M3000\M3000Mnt.exe
MOD - [2006/01/19 12:33:38 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXCZPP5C.DLL
MOD - [2003/06/07 01:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/07/04 07:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/02/05 11:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2008/04/15 20:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®


========== Driver Services (SafeList) ==========

DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/04 07:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 07:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 07:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 07:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 07:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 07:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 07:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/03/02 01:03:46 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009/02/25 20:17:52 | 001,344,224 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/02/24 04:49:44 | 005,032,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/02/03 02:42:30 | 000,162,816 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/01/02 18:33:54 | 000,145,408 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\M3000KNT.sys -- (M3000Srv)
DRV - [2008/08/05 08:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2007/06/27 09:05:52 | 000,053,184 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2007/06/27 09:04:14 | 000,071,488 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2006/11/02 09:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006/01/04 03:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...10&m=aspire_one
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...10&m=aspire_one


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 5B F9 F1 0C F2 0F E0 4B 85 85 43 C1 50 D5 8C 58 [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 5B F9 F1 0C F2 0F E0 4B 85 85 43 C1 50 D5 8C 58 [binary data]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 5B F9 F1 0C F2 0F E0 4B 85 85 43 C1 50 D5 8C 58 [binary data]

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 5B F9 F1 0C F2 0F E0 4B 85 85 43 C1 50 D5 8C 58 [binary data]

IE - HKU\S-1-5-21-1809832699-1238661117-741939197-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...10&m=aspire_one
IE - HKU\S-1-5-21-1809832699-1238661117-741939197-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1809832699-1238661117-741939197-1005\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 5B F9 F1 0C F2 0F E0 4B 85 85 43 C1 50 D5 8C 58 [binary data]
IE - HKU\S-1-5-21-1809832699-1238661117-741939197-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:0.9
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: [email protected]:0.1
FF - prefs.js..extensions.enabledItems: [email protected]:0.1.2008d

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/03 17:26:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/11 14:23:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/11 14:23:26 | 000,000,000 | ---D | M]

[2010/04/01 15:42:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Extensions
[2010/04/01 15:42:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Extensions\[email protected]
[2011/09/08 16:00:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Firefox\Profiles\c9l4xwol.default\extensions
[2010/04/27 17:11:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Firefox\Profiles\c9l4xwol.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/02 19:16:13 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Firefox\Profiles\c9l4xwol.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/08/12 12:49:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/12 12:49:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Default Shot Palette) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (MSN-Smileys) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Blackened) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Depth) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Minimal) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/05/11 14:23:00 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/08/12 12:49:27 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/11 14:23:09 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/09/07 15:17:01 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [M3000Mnt] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-1809832699-1238661117-741939197-1005..\Run: [Corel Photo Downloader] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk = C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
O4 - Startup: C:\Documents and Settings\Lacey Smith\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1809832699-1238661117-741939197-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.151.8.210 24.151.8.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A02DC451-2735-480A-98C2-245BC520EB57}: DhcpNameServer = 24.151.8.210 24.151.8.211
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Lacey Smith\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lacey Smith\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/12 01:07:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/09/07 18:33:11 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lacey Smith\Desktop\OTL.exe
[2011/09/07 16:51:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Application Data\Malwarebytes
[2011/09/07 16:51:42 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/09/07 16:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/07 16:51:36 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/09/07 16:46:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/07 16:46:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/09/07 15:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Desktop\GooredFix Backups
[2011/09/07 15:13:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/09/07 15:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2011/09/07 15:12:44 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/09/07 15:09:13 | 001,932,256 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Lacey Smith\Desktop\FixTDSS.exe
[2011/09/06 20:30:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/09/06 19:25:42 | 001,402,672 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Lacey Smith\Desktop\TDSSKiller.exe
[2011/09/04 14:16:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/09/03 17:27:53 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/09/03 17:27:53 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/09/03 17:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/09/03 17:27:49 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/09/03 17:27:48 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/09/03 17:27:48 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/09/03 17:27:47 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/09/03 17:27:47 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/09/03 17:27:47 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/09/03 17:26:51 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/09/03 17:26:50 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/09/03 17:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/09/03 17:26:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/09/03 16:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/09/03 16:30:53 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/09/03 16:28:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/09/03 16:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/09/02 20:05:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\My Documents\timesheet
[2011/08/24 16:23:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Barnes & Noble
[2011/08/20 18:39:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Application Data\Vulture
[2011/08/18 18:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Recorded Books
[2011/08/18 17:15:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Application Data\FileZilla
[2011/08/18 17:14:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileZilla FTP Client
[2011/08/18 17:14:43 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2011/08/12 17:30:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\My Documents\Town of Eastford
[2011/08/12 15:49:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Application Data\OpenOffice.org
[2011/08/12 15:28:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\My Documents\My imm Media
[2011/08/12 15:27:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ingram Media Manager
[2011/08/12 15:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Ingram Media Manager
[2011/08/12 12:54:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3
[2011/08/12 12:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2011/08/12 12:49:50 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/08/12 12:49:50 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/08/12 12:49:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/08/12 12:49:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/08/12 12:45:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Desktop\OpenOffice.org 3.3 (en-US) Installation Files
[2009/03/11 08:53:14 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\Interop.IWshRuntimeLibrary.dll
[1 C:\Documents and Settings\Lacey Smith\*.tmp files -> C:\Documents and Settings\Lacey Smith\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/08 15:48:01 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/08 14:12:57 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Desktop\MBR.dat
[2011/09/08 13:59:20 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/08 13:59:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/07 18:33:18 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lacey Smith\Desktop\OTL.exe
[2011/09/07 17:16:19 | 001,402,672 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Lacey Smith\Desktop\TDSSKiller.exe
[2011/09/07 17:04:28 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\0148d9c7
[2011/09/07 17:02:09 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\e1952638
[2011/09/07 16:51:42 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/07 16:42:06 | 000,272,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/07 15:36:29 | 000,002,276 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\f630ae3d
[2011/09/07 15:17:01 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/09/07 15:12:51 | 000,000,771 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/09/07 15:12:45 | 000,000,615 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Desktop\NTREGOPT.lnk
[2011/09/07 15:12:45 | 000,000,596 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Desktop\ERUNT.lnk
[2011/09/07 15:09:18 | 001,932,256 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Lacey Smith\Desktop\FixTDSS.exe
[2011/09/06 20:44:47 | 000,000,553 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\Shortcut to checked out.lnk
[2011/09/06 20:34:23 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2011/09/06 20:29:10 | 000,014,022 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\wklnhst.dat
[2011/09/06 20:29:05 | 000,006,656 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\checked out.wdb
[2011/09/03 17:27:53 | 000,001,693 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/09/03 17:27:48 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/09/03 15:44:44 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\8930d6c7
[2011/09/03 13:53:32 | 000,001,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/09/03 06:17:37 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/08/30 20:03:07 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/26 17:02:38 | 000,101,562 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\LaceySResume.pdf
[2011/08/25 16:58:59 | 000,019,885 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\LaceySResume.odt
[2011/08/25 01:27:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/24 16:23:20 | 000,000,877 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\NOOK for PC.lnk
[2011/08/20 16:58:11 | 000,013,691 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\corn cakes.odt
[2011/08/20 15:36:44 | 000,000,899 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Desktop\Shortcut to NetHackW.lnk
[2011/08/19 23:01:36 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/19 20:53:28 | 000,001,419 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Scrivener.lnk
[2011/08/19 15:56:51 | 000,000,663 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ingram Media Manager.lnk
[2011/08/18 18:52:01 | 000,001,965 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OneClickdigital Media Manager.lnk
[2011/08/18 17:14:55 | 000,001,667 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FileZilla Client.lnk
[2011/08/13 20:25:58 | 000,002,817 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\Kelton.csv
[2011/08/12 12:54:13 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk
[2011/08/12 12:49:21 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/08/12 12:49:21 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/08/12 12:49:21 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/08/12 12:49:21 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/08/12 12:49:18 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/08/12 00:09:55 | 000,495,960 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/12 00:09:55 | 000,085,668 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[1 C:\Documents and Settings\Lacey Smith\*.tmp files -> C:\Documents and Settings\Lacey Smith\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/07 16:51:42 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/07 16:37:19 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Desktop\MBR.dat
[2011/09/07 15:12:51 | 000,000,771 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/09/07 15:12:45 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Desktop\NTREGOPT.lnk
[2011/09/07 15:12:45 | 000,000,596 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Desktop\ERUNT.lnk
[2011/09/06 20:44:47 | 000,000,553 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\Shortcut to checked out.lnk
[2011/09/06 20:34:21 | 000,001,457 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk
[2011/09/03 17:27:53 | 000,001,693 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/09/03 16:00:05 | 000,002,276 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Application Data\f630ae3d
[2011/09/03 14:44:44 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Application Data\8930d6c7
[2011/09/02 18:52:32 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Application Data\e1952638
[2011/09/02 18:49:11 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Application Data\0148d9c7
[2011/08/26 17:02:36 | 000,101,562 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\LaceySResume.pdf
[2011/08/25 16:58:58 | 000,019,885 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\LaceySResume.odt
[2011/08/24 16:23:20 | 000,000,877 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\NOOK for PC.lnk
[2011/08/20 16:58:10 | 000,013,691 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\corn cakes.odt
[2011/08/19 20:53:28 | 000,001,419 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Scrivener.lnk
[2011/08/18 18:52:01 | 000,001,965 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OneClickdigital Media Manager.lnk
[2011/08/18 17:14:55 | 000,001,667 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FileZilla Client.lnk
[2011/08/12 16:04:25 | 000,002,817 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\Kelton.csv
[2011/08/12 15:27:26 | 000,000,663 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ingram Media Manager.lnk
[2011/08/12 12:54:13 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk
[2011/08/11 15:59:58 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/04 16:57:40 | 001,029,734 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1809832699-1238661117-741939197-1005-0.dat
[2011/08/04 16:57:31 | 000,303,042 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/07/30 20:03:17 | 000,000,092 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2011/07/30 20:03:14 | 000,000,270 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2011/07/30 20:02:39 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2011/07/30 20:02:34 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\LEXPING.EXE
[2011/07/30 20:02:33 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE
[2011/07/30 20:02:02 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2010/07/01 20:59:34 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\EC3C4AFDC0.sys
[2010/07/01 20:59:32 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2010/04/11 14:53:34 | 000,014,022 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Application Data\wklnhst.dat
[2010/04/04 21:17:13 | 000,080,896 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/01 18:23:24 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\M3000DIF.dll
[2010/04/01 18:23:24 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\M3000KNT.sys
[2010/04/01 18:23:24 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M3000Twn.ini
[2010/04/01 18:23:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS\AutosetFrequency.exe
[2010/04/01 18:23:19 | 000,000,639 | ---- | C] () -- C:\WINDOWS\AutoSetFrequency.ini
[2010/04/01 15:37:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/03/12 02:47:07 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/03/12 01:56:32 | 000,090,772 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtConvEQ.DAT
[2009/03/12 01:56:32 | 000,000,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtHdatEx.dat
[2009/03/12 01:56:32 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX2.dat
[2009/03/12 01:56:32 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2009/03/12 01:56:32 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2009/03/12 01:56:32 | 000,000,164 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2009/03/12 01:56:32 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2009/03/12 01:55:36 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/03/12 01:10:15 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMove.exe
[2009/03/12 01:10:15 | 000,006,782 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/03/12 01:09:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/03/12 01:06:10 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/03/12 01:05:25 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2009/03/11 17:03:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/03/11 17:02:48 | 000,272,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/11 08:53:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\LauncheRyDiscCalc.exe
[2009/03/11 08:53:06 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/03/11 08:53:05 | 000,495,960 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/11 08:53:05 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/03/11 08:53:05 | 000,085,668 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/11 08:53:05 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/03/11 08:53:04 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/03/11 08:53:04 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/03/11 08:53:04 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/03/11 08:53:02 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/03/11 08:53:02 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/03/11 08:52:59 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/03/11 08:52:57 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

========== LOP Check ==========

[2009/03/12 02:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Acer
[2009/03/12 02:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Acer GameZone Console
[2009/03/12 02:27:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Super-Cow
[2009/03/12 02:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acer GameZone Console
[2011/09/03 17:26:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/09/03 17:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/09/03 16:30:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/12 02:31:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSobi
[2011/09/03 17:15:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/08/19 16:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OCD FILES
[2011/08/19 21:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OCDInfo
[2011/08/11 11:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OCDTemp
[2009/03/12 02:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Acer
[2009/03/12 02:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Acer GameZone Console
[2009/03/12 02:27:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Super-Cow
[2010/05/30 21:17:25 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Lacey Smith\Application Data\.#
[2011/07/21 18:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\.purple
[2009/03/12 02:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Acer
[2009/03/12 02:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Acer GameZone Console
[2010/09/12 23:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Amazon
[2010/12/01 13:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Barnes & Noble
[2011/08/24 15:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\FileZilla
[2010/04/01 15:42:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Greyfirst
[2011/08/12 15:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\OpenOffice.org
[2010/08/24 19:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\OverDrive
[2011/07/29 18:06:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\SmartDraw
[2009/03/12 02:27:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Super-Cow
[2011/06/22 23:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Template
[2011/08/20 18:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Vulture
[2010/04/01 15:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/14 08:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 08:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/04/14 08:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 08:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008/04/14 08:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 08:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/05/11 14:23:11 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/05/11 14:23:11 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/05/11 14:23:11 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/05/11 14:23:02 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/05/11 14:23:02 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/05/11 14:23:02 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/06/21 07:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/06/21 07:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/06/21 07:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/06/20 07:29:11 | 000,634,648 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/05/11 14:23:11 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/05/11 14:23:11 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/05/11 14:23:11 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/05/11 14:23:02 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/05/11 14:23:02 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/05/11 14:23:02 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/09/03 08:28:25 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/06/21 07:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/06/21 07:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/06/21 07:46:21 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/06/20 07:29:11 | 000,634,648 | ---- | M] (Microsoft Corporation)

< End of report >

#10
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi,

Is your internet service provider Charter Communications?

We need to run an OTL Fix.

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

  • Please right click on Posted Image on your desktop and click on Run as administrator.
  • Under the Custom Scans/Fixes box copy and paste this in:

    :OTL
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O4 - HKLM..\Run: [M3000Mnt] File not found
    O4 - HKU\S-1-5-21-1809832699-1238661117-741939197-1005..\Run: [Corel Photo Downloader] File not found
    [2011/09/07 17:04:28 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\0148d9c7
    [2011/09/07 17:02:09 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\e1952638
    [2011/09/07 15:36:29 | 000,002,276 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\f630ae3d
    [2011/09/03 15:44:44 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\8930d6c7
      	
    :Files
    ipconfig /flushdns /c
    
    :Reg
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]
  • Click on Posted Image button.
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click on Posted Image button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

When you have completed the above, please post back the following in the order asked for:
  • OTL fix log
  • OTL scan log



#11
Lazey

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
I think it is Charter Communications.

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\M3000Mnt deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1809832699-1238661117-741939197-1005\Software\Microsoft\Windows\CurrentVersion\Run\\Corel Photo Downloader deleted successfully.
C:\Documents and Settings\Lacey Smith\Application Data\0148d9c7 moved successfully.
C:\Documents and Settings\Lacey Smith\Application Data\e1952638 moved successfully.
C:\Documents and Settings\Lacey Smith\Application Data\f630ae3d moved successfully.
C:\Documents and Settings\Lacey Smith\Application Data\8930d6c7 moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Lacey Smith\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Lacey Smith\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Lacey Smith
->Temp folder emptied: 7824278 bytes
->Temporary Internet Files folder emptied: 1798138 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 72871121 bytes
->Google Chrome cache emptied: 13162400 bytes
->Flash cache emptied: 756 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 90 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 91.00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: Lacey Smith
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point (0)

OTL by OldTimer - Version 3.2.27.0 log created on 09082011_174553

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...


OTL logfile created on: 9/8/2011 5:49:14 PM - Run 5
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Lacey Smith\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.88 Mb Total Physical Memory | 461.52 Mb Available Physical Memory | 45.52% Memory free
2.38 Gb Paging File | 1.97 Gb Available in Paging File | 82.80% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.05 Gb Total Space | 77.70 Gb Free Space | 54.70% Space Free | Partition Type: NTFS

Computer Name: ACER-330BB84976 | User Name: Lacey Smith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/07 18:33:18 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lacey Smith\Desktop\OTL.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/07/04 07:59:59 | 003,485,480 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Setup\avast.setup
PRC - [2011/07/04 07:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 07:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/03/21 14:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2009/02/11 18:46:28 | 000,565,248 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2009/02/05 11:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2008/12/30 03:09:54 | 000,875,016 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008/04/15 20:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/04/15 20:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/07/13 13:33:14 | 000,053,248 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
PRC - [2006/07/13 13:22:50 | 000,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/08 05:18:20 | 001,556,480 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090801\algo.dll
MOD - [2011/09/07 19:52:20 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090801\aswRep.dll
MOD - [2011/07/04 07:58:44 | 000,192,048 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\Setup\setiface.dll
MOD - [2011/03/21 14:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 14:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2006/01/19 12:33:38 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXCZPP5C.DLL
MOD - [2003/06/07 01:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/07/04 07:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/02/05 11:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2008/04/15 20:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®


========== Driver Services (SafeList) ==========

DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/04 07:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 07:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 07:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 07:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 07:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 07:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 07:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/03/02 01:03:46 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009/02/25 20:17:52 | 001,344,224 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/02/24 04:49:44 | 005,032,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/02/03 02:42:30 | 000,162,816 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/01/02 18:33:54 | 000,145,408 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\M3000KNT.sys -- (M3000Srv)
DRV - [2008/08/05 08:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2007/06/27 09:05:52 | 000,053,184 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2007/06/27 09:04:14 | 000,071,488 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2006/11/02 09:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006/01/04 03:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...10&m=aspire_one
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...10&m=aspire_one

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...10&m=aspire_one
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 5B F9 F1 0C F2 0F E0 4B 85 85 43 C1 50 D5 8C 58 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:0.9
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: [email protected]:0.1
FF - prefs.js..extensions.enabledItems: [email protected]:0.1.2008d

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/03 17:26:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/11 14:23:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/11 14:23:26 | 000,000,000 | ---D | M]

[2010/04/01 15:42:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Extensions
[2010/04/01 15:42:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Extensions\[email protected]
[2011/09/08 16:00:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Firefox\Profiles\c9l4xwol.default\extensions
[2010/04/27 17:11:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Firefox\Profiles\c9l4xwol.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/02 19:16:13 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Lacey Smith\Application Data\Mozilla\Firefox\Profiles\c9l4xwol.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/08/12 12:49:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/12 12:49:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Default Shot Palette) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (MSN-Smileys) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Blackened) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Depth) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/04/01 16:06:37 | 000,000,000 | ---D | M] (Minimal) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2011/05/11 14:23:00 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/08/12 12:49:27 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/11 14:23:09 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/09/08 17:46:05 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk = C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
O4 - Startup: C:\Documents and Settings\Lacey Smith\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.151.8.210 24.151.8.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A02DC451-2735-480A-98C2-245BC520EB57}: DhcpNameServer = 24.151.8.210 24.151.8.211
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Lacey Smith\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lacey Smith\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/12 01:07:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/08 17:45:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/09/07 18:33:11 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lacey Smith\Desktop\OTL.exe
[2011/09/07 16:51:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Application Data\Malwarebytes
[2011/09/07 16:51:42 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/09/07 16:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/07 16:51:36 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/09/07 16:46:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/07 16:46:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/09/07 15:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Desktop\GooredFix Backups
[2011/09/07 15:13:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/09/07 15:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2011/09/07 15:12:44 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/09/07 15:09:13 | 001,932,256 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Lacey Smith\Desktop\FixTDSS.exe
[2011/09/06 20:30:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/09/06 19:25:42 | 001,402,672 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Lacey Smith\Desktop\TDSSKiller.exe
[2011/09/04 14:16:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/09/03 17:27:53 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/09/03 17:27:53 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/09/03 17:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/09/03 17:27:49 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/09/03 17:27:48 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/09/03 17:27:48 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/09/03 17:27:47 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/09/03 17:27:47 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/09/03 17:27:47 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/09/03 17:26:51 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/09/03 17:26:50 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/09/03 17:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/09/03 17:26:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/09/03 16:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/09/03 16:30:53 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/09/03 16:28:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/09/03 16:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/09/02 20:05:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\My Documents\timesheet
[2011/08/24 16:23:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Barnes & Noble
[2011/08/20 18:39:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Application Data\Vulture
[2011/08/18 18:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Recorded Books
[2011/08/18 17:15:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Application Data\FileZilla
[2011/08/18 17:14:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileZilla FTP Client
[2011/08/18 17:14:43 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2011/08/12 17:30:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\My Documents\Town of Eastford
[2011/08/12 15:49:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Application Data\OpenOffice.org
[2011/08/12 15:28:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\My Documents\My imm Media
[2011/08/12 15:27:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ingram Media Manager
[2011/08/12 15:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Ingram Media Manager
[2011/08/12 12:54:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3
[2011/08/12 12:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2011/08/12 12:45:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lacey Smith\Desktop\OpenOffice.org 3.3 (en-US) Installation Files
[2009/03/11 08:53:14 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\Interop.IWshRuntimeLibrary.dll
[1 C:\Documents and Settings\Lacey Smith\*.tmp files -> C:\Documents and Settings\Lacey Smith\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/08 17:48:00 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/08 17:47:35 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/08 17:47:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/08 17:46:05 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/09/08 14:12:57 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Desktop\MBR.dat
[2011/09/07 18:33:18 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lacey Smith\Desktop\OTL.exe
[2011/09/07 17:16:19 | 001,402,672 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Lacey Smith\Desktop\TDSSKiller.exe
[2011/09/07 16:51:42 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/07 16:42:06 | 000,272,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/07 15:12:51 | 000,000,771 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/09/07 15:12:45 | 000,000,615 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Desktop\NTREGOPT.lnk
[2011/09/07 15:12:45 | 000,000,596 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Desktop\ERUNT.lnk
[2011/09/07 15:09:18 | 001,932,256 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Lacey Smith\Desktop\FixTDSS.exe
[2011/09/06 20:44:47 | 000,000,553 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\Shortcut to checked out.lnk
[2011/09/06 20:34:23 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2011/09/06 20:29:10 | 000,014,022 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Application Data\wklnhst.dat
[2011/09/06 20:29:05 | 000,006,656 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\checked out.wdb
[2011/09/03 17:27:53 | 000,001,693 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/09/03 17:27:48 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/09/03 13:53:32 | 000,001,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/08/30 20:03:07 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/26 17:02:38 | 000,101,562 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\LaceySResume.pdf
[2011/08/25 16:58:59 | 000,019,885 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\LaceySResume.odt
[2011/08/25 01:27:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/24 16:23:20 | 000,000,877 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\NOOK for PC.lnk
[2011/08/20 16:58:11 | 000,013,691 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\corn cakes.odt
[2011/08/20 15:36:44 | 000,000,899 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\Desktop\Shortcut to NetHackW.lnk
[2011/08/19 23:01:36 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/19 20:53:28 | 000,001,419 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Scrivener.lnk
[2011/08/19 15:56:51 | 000,000,663 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ingram Media Manager.lnk
[2011/08/18 18:52:01 | 000,001,965 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OneClickdigital Media Manager.lnk
[2011/08/18 17:14:55 | 000,001,667 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FileZilla Client.lnk
[2011/08/13 20:25:58 | 000,002,817 | ---- | M] () -- C:\Documents and Settings\Lacey Smith\My Documents\Kelton.csv
[2011/08/12 12:54:13 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk
[2011/08/12 00:09:55 | 000,495,960 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/12 00:09:55 | 000,085,668 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[1 C:\Documents and Settings\Lacey Smith\*.tmp files -> C:\Documents and Settings\Lacey Smith\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/07 16:51:42 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/07 16:37:19 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Desktop\MBR.dat
[2011/09/07 15:12:51 | 000,000,771 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/09/07 15:12:45 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Desktop\NTREGOPT.lnk
[2011/09/07 15:12:45 | 000,000,596 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Desktop\ERUNT.lnk
[2011/09/06 20:44:47 | 000,000,553 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\Shortcut to checked out.lnk
[2011/09/06 20:34:21 | 000,001,457 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk
[2011/09/03 17:27:53 | 000,001,693 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/08/26 17:02:36 | 000,101,562 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\LaceySResume.pdf
[2011/08/25 16:58:58 | 000,019,885 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\LaceySResume.odt
[2011/08/24 16:23:20 | 000,000,877 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\NOOK for PC.lnk
[2011/08/20 16:58:10 | 000,013,691 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\corn cakes.odt
[2011/08/19 20:53:28 | 000,001,419 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Scrivener.lnk
[2011/08/18 18:52:01 | 000,001,965 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OneClickdigital Media Manager.lnk
[2011/08/18 17:14:55 | 000,001,667 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FileZilla Client.lnk
[2011/08/12 16:04:25 | 000,002,817 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\My Documents\Kelton.csv
[2011/08/12 15:27:26 | 000,000,663 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ingram Media Manager.lnk
[2011/08/12 12:54:13 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk
[2011/08/11 15:59:58 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/04 16:57:40 | 001,029,734 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1809832699-1238661117-741939197-1005-0.dat
[2011/08/04 16:57:31 | 000,303,042 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/07/30 20:03:17 | 000,000,092 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2011/07/30 20:03:14 | 000,000,270 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2011/07/30 20:02:39 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2011/07/30 20:02:34 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\LEXPING.EXE
[2011/07/30 20:02:33 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE
[2011/07/30 20:02:02 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2010/07/01 20:59:34 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\EC3C4AFDC0.sys
[2010/07/01 20:59:32 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2010/04/11 14:53:34 | 000,014,022 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Application Data\wklnhst.dat
[2010/04/04 21:17:13 | 000,080,896 | ---- | C] () -- C:\Documents and Settings\Lacey Smith\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/01 18:23:24 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\M3000DIF.dll
[2010/04/01 18:23:24 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\M3000KNT.sys
[2010/04/01 18:23:24 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M3000Twn.ini
[2010/04/01 18:23:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS\AutosetFrequency.exe
[2010/04/01 18:23:19 | 000,000,639 | ---- | C] () -- C:\WINDOWS\AutoSetFrequency.ini
[2010/04/01 15:37:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/03/12 02:47:07 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/03/12 01:56:32 | 000,090,772 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtConvEQ.DAT
[2009/03/12 01:56:32 | 000,000,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtHdatEx.dat
[2009/03/12 01:56:32 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX2.dat
[2009/03/12 01:56:32 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2009/03/12 01:56:32 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2009/03/12 01:56:32 | 000,000,164 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2009/03/12 01:56:32 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2009/03/12 01:55:36 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/03/12 01:10:15 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMove.exe
[2009/03/12 01:10:15 | 000,006,782 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/03/12 01:09:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/03/12 01:06:10 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/03/12 01:05:25 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2009/03/11 17:03:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/03/11 17:02:48 | 000,272,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/11 08:53:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\LauncheRyDiscCalc.exe
[2009/03/11 08:53:06 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/03/11 08:53:05 | 000,495,960 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/11 08:53:05 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/03/11 08:53:05 | 000,085,668 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/11 08:53:05 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/03/11 08:53:04 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/03/11 08:53:04 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/03/11 08:53:04 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/03/11 08:53:02 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/03/11 08:53:02 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/03/11 08:52:59 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/03/11 08:52:57 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

========== LOP Check ==========

[2009/03/12 02:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acer GameZone Console
[2011/09/03 17:26:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/09/03 17:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/09/03 16:30:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/12 02:31:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSobi
[2011/09/03 17:15:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/08/19 16:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OCD FILES
[2011/08/19 21:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OCDInfo
[2011/08/11 11:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OCDTemp
[2010/05/30 21:17:25 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Lacey Smith\Application Data\.#
[2011/07/21 18:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\.purple
[2009/03/12 02:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Acer
[2009/03/12 02:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Acer GameZone Console
[2010/09/12 23:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Amazon
[2010/12/01 13:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Barnes & Noble
[2011/08/24 15:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\FileZilla
[2010/04/01 15:42:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Greyfirst
[2011/08/12 15:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\OpenOffice.org
[2010/08/24 19:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\OverDrive
[2011/07/29 18:06:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\SmartDraw
[2009/03/12 02:27:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Super-Cow
[2011/06/22 23:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Template
[2011/08/20 18:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lacey Smith\Application Data\Vulture

========== Purity Check ==========



< End of report >

#12
Render


    Trusted Helper

  • Malware Removal
  • 4,195 posts
Are the redirects still evident?

We should proceed with a general antimalware scan, which can take quite a long time, so please be patient.

Download AVPTool from Here to your desktop
(You have to enter your e-mail address and click on the Submit Form button. Please download the latest English version of this tool.)

Run the programme you have just downloaded to your desktop (it will be randomly named).

First we will run a virus scan

Click the cog in the upper right


Select down to and including your main drive. Once done, select the Automatic scan tab and press Start Scan
(Please be patient as this scan can take a few hours)

Allow AVP to delete all infections found.
Once it has finished, select the report tab (last tab).
Select the Detected threats report from the left and press the Save button.
Save it to your desktop and attach it to your next post.


Now the Analysis

Rerun AVP and select the Manual Disinfection tab and press Start Gathering System Information


On completion click the link to locate the zip file to upload and attach to your next post


#13
Lazey


    New Member

  • Topic Starter
  • Member
  • 9 posts
I tried a search and I wasn't bothered by the redirects so hopefully it's gone. Still downloading the virus scan, will post the results after I run it.

#14
Render


    Trusted Helper

  • Malware Removal
  • 4,195 posts
OK.

#15
Lazey


    New Member

  • Topic Starter
  • Member
  • 9 posts
Can't get the virus scan to complete, keeps freezing up on A0052425.dll. I tried a couple times, even tried running it overnight while I slept only to wake up to it frozen on that. It claims not to find any infected files.