
No Internet Connection, Can't Start Firewall, Can't Reset IP



#1
MichelleDavis
Member, 13 posts

Back in July I took the computer to medical store cause it had a blue screen. I didn't want them to fix it for viruses (if it had any) cause I figured I could save money and do that myself. So I got it back, and the only thing I notice now is I'm unable to connect to the internet and the firewall has the big x. I've tried all the things you need to do to reset the IP address, but none of that works. I just am now trying to fix it since I got it back in July. It's been off. Currently the computer is plugged into the router ... we have several PCs, they all work fine. I even tried to plug the computer directly into the modem, and it still didn't work. So then I started thinking maybe a virus?

The computer has been off since July. To be honest, the computer was turned off, we went on a cruise (in July/August), I came home, and tried to turn it back on and the screen was blue? I have no idea what's up with why the screen was blue when I turned it back on. The computer guy said it had viruses? So that's what I'm going on. No popups or any redirects are happening.

I ran the malware scan ... and my antivirus (AVG) window popped up and said I had 2 viruses, called it WIN32/HEUR ... So I let AVG do its thing and removed them. Showed two of these, the same thing, names I mean.

I tried to get answers through another forum, he's gotten me to the ComboFix part, but I need a connection {for XP, if ComboFix offers to install a Recovery Console, you must permit it to do so. It is very dangerous to permit ComboFix to run unless the Recovery Console is installed.} He said I needed a Windows XP CD, and that's where we are now. Last response was yesterday at 3:30. I can't wait any longer to hear ... I've left messages, but nothing. I've been here before, but I couldn't think of your name here, but I found out today! My last question to him was do I need the Windows XP CD, I don't have one. Thanks for any HELP!!! I appreciate it in advance!

So I've run this OTL for you and here's that log file:

OTL logfile created on: 11/8/2011 10:43:39 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\MsLilly\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.09 Mb Total Physical Memory | 615.87 Mb Available Physical Memory | 60.26% Memory free
2.40 Gb Paging File | 1.92 Gb Available in Paging File | 79.77% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.31 Gb Total Space | 114.38 Gb Free Space | 79.26% Space Free | Partition Type: NTFS
Drive E: | 488.60 Mb Total Space | 347.30 Mb Free Space | 71.08% Space Free | Partition Type: FAT

Computer Name: MICHELLE | User Name: MsLilly | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/08 22:15:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\MsLilly\Desktop\OTL.exe
PRC - [2011/09/23 05:31:50 | 002,404,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/09/13 05:32:40 | 001,227,616 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/09/12 05:23:46 | 005,265,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/09/08 19:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 05:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2010/08/11 12:50:13 | 000,186,760 | ---- | M] () -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe
PRC - [2010/02/03 12:30:46 | 000,974,336 | ---- | M] (DYMO, Inc.) -- C:\Program Files\DYMO DiscPainter\Drivers\DYAASERV.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/09/18 12:46:30 | 000,481,792 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
PRC - [2006/09/18 12:46:30 | 000,110,592 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
PRC - [2006/09/18 12:46:30 | 000,102,400 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe
PRC - [2006/03/21 16:50:07 | 000,026,112 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe
PRC - [2006/01/13 16:22:20 | 000,233,472 | ---- | M] (Simple Star, Inc.) -- C:\Program Files\Simple Star\PhotoShow 4\data\Xtras\mssysmgr.exe
PRC - [2005/11/10 12:03:52 | 000,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
PRC - [2005/06/17 08:55:58 | 000,086,140 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2005/05/15 03:04:12 | 000,332,800 | ---- | M] (Gteko Ltd.) -- C:\Program Files\Dell Support\DSAgnt.exe
PRC - [2005/03/23 00:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2005/03/07 22:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIAEA.EXE
PRC - [2005/01/26 14:15:16 | 000,884,838 | ---- | M] (NETGEAR) -- C:\Program Files\NETGEAR\WPN111\WPN111.exe
PRC - [2000/01/21 02:18:02 | 000,098,304 | ---- | M] () -- C:\Program Files\Intuit\QAgent\qagent.exe
PRC - [1999/11/05 17:43:24 | 000,065,024 | ---- | M] (Marimba Inc.) -- C:\WINDOWS\system32\MRTMNGR.EXE


========== Modules (No Company Name) ==========

MOD - [2010/08/11 12:50:13 | 000,186,760 | ---- | M] () -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe
MOD - [2010/02/05 13:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/03/24 23:50:40 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll
MOD - [2006/10/09 15:12:40 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2006/09/18 12:46:28 | 000,081,920 | ---- | M] () -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\YDetectQFE.dll
MOD - [2006/06/30 10:09:10 | 000,126,976 | ---- | M] () -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmgit.dll
MOD - [2003/09/23 02:00:00 | 000,106,496 | ---- | M] () -- C:\Program Files\Dell\ShareDLL\djbsdk.dll
MOD - [2002/07/04 09:38:00 | 000,053,248 | ---- | M] () -- C:\Program Files\ArcSoft\PhotoImpression 5\Share\PIHook.dll
MOD - [2000/01/21 02:18:02 | 000,098,304 | ---- | M] () -- C:\Program Files\Intuit\QAgent\qagent.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (helpsvc)
SRV - [2011/09/12 05:23:46 | 005,265,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/08/11 12:50:13 | 000,186,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe -- (ScsiAccess)
SRV - [2008/04/27 23:18:25 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2005/12/12 17:52:32 | 000,180,224 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe -- (ELService)
SRV - [2005/06/17 08:55:58 | 000,086,140 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMon) Intel®


========== Driver Services (SafeList) ==========

DRV - [2011/09/13 05:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 05:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/07/11 00:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 00:14:30 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/07/11 00:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 00:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/07/11 00:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/07/11 00:13:46 | 000,229,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2009/12/02 17:19:10 | 000,038,528 | ---- | M] (Cypress Semiconductor) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dyusb.sys -- (DYUSB)
DRV - [2009/04/14 02:05:22 | 000,031,104 | ---- | M] (USB Mass Storage.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\UStorage.sys -- (USTORAGE)
DRV - [2008/05/27 01:52:18 | 000,051,072 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MHIKEY10.sys -- (MHIKEY10)
DRV - [2006/03/21 16:50:10 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/12/12 17:52:34 | 000,010,112 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELhid.sys -- (ELhid)
DRV - [2005/12/12 17:52:34 | 000,007,040 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELmon.sys -- (ELmon)
DRV - [2005/12/12 17:52:34 | 000,006,912 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELkbd.sys -- (ELkbd)
DRV - [2005/12/12 17:52:34 | 000,006,400 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELmou.sys -- (ELmou)
DRV - [2005/12/12 17:52:32 | 000,007,808 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ELacpi.sys -- (ELacpi)
DRV - [2005/11/16 22:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/09/26 15:02:50 | 000,362,944 | ---- | M] (NETGEAR, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WPN111.sys -- (WPN111)
DRV - [2005/08/04 05:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/10/07 20:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2003/11/17 22:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 22:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 22:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/09/19 15:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/07/24 11:10:34 | 000,017,149 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DNINDIS5.sys -- (DNINDIS5)
DRV - [2002/07/08 06:15:14 | 000,185,256 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\om518vid.sys -- (OM518P) VGA USB Camera (2120)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.co...-inc&channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.co...-inc&channel=us

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...-inc&channel=us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.selectedEngine: "MyWebSearch"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..keyword.URL: "http://www.mywebsear...=to&searchfor="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@photodex.com/PhotodexPresenter: C:\Program Files\Photodex Presenter\npPxPlay.dll ( )
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Documents and Settings\MsLilly\Application Data\nprhapengine.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG2012\Firefox\ [2011/11/05 22:14:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/11/05 22:17:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\PROGRA~1\Mozilla Firefox\components [2008/12/22 01:31:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\PROGRA~1\Mozilla Firefox\plugins [2010/07/15 22:28:31 | 000,000,000 | ---D | M]

[2009/07/20 21:57:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MsLilly\Application Data\Mozilla\Firefox\Profiles\xsr3hfmx.default\extensions
[2009/07/03 23:18:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\MsLilly\Application Data\Mozilla\Firefox\Profiles\xsr3hfmx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/08/27 21:52:27 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\MsLilly\Application Data\Mozilla\Firefox\Profiles\xsr3hfmx.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/05/04 17:13:06 | 000,009,895 | ---- | M] () -- C:\Documents and Settings\MsLilly\Application Data\Mozilla\Firefox\Profiles\xsr3hfmx.default\searchplugins\mywebsearch.xml
[2009/11/05 12:07:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008/08/01 09:04:19 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRA~1\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/05/05 10:56:52 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRA~1\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\AVG\AVG8\FIREFOX
[2009/05/05 10:56:35 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/04/19 23:00:52 | 000,000,000 | ---D | M] (WBE Paste) -- C:\PROGRAM FILES\STARFIELD\WEB-BASED EMAIL TOOLS
[2008/12/22 01:31:36 | 000,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll
[2008/12/22 01:31:36 | 000,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll
[2008/12/22 01:31:36 | 000,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll
[2008/12/22 01:31:36 | 000,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll
[2008/12/22 01:31:36 | 000,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll
[2005/04/27 15:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npracplug.dll
[2009/03/03 07:52:30 | 000,235,520 | ---- | M] (Starfield Technology, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwbe.dll
[2008/08/22 08:58:42 | 000,217,088 | ---- | M] (Starfield Technology, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwbe.dll_

O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (SpywareBlock Class) - {0A87E45F-537A-40B4-B812-E2544C21A09F} - C:\Program Files\SpyCatcher 2006\SCActiveBlock.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CookiePatrol] C:\Program Files\PestPatrol\CookiePatrol.exe (Computer Associates International)
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe File not found
O4 - HKLM..\Run: [dyaaserv.exe] C:\Program Files\DYMO DiscPainter\Drivers\dyaaserv.exe (DYMO, Inc.)
O4 - HKLM..\Run: [EPSON Stylus CX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEA.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [MimBoot] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mimboot.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PestPatrol Control Center] C:\Program Files\PestPatrol\PPControl.exe (Computer Associates International)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PPMemCheck] C:\Program Files\PestPatrol\PPMemCheck.exe ()
O4 - HKLM..\Run: [QAGENT] C:\Program Files\Intuit\QAgent\qagent.exe ()
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SpywareBot] C:\Program Files\SpywareBot\SpywareBot.exe -boot File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide File not found
O4 - HKCU..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [My Kazaa Gold] C:\Program Files\My Kazaa Gold\MyGoldKazaa.exe /hide File not found
O4 - HKCU..\Run: [Simple Star PhotoShow Media Manager] C:\Program Files\Simple Star\PhotoShow 4\data\Xtras\mssysmgr.exe (Simple Star, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Billminder.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WPN111 Smart Wizard.lnk = C:\Program Files\NETGEAR\WPN111\WPN111.exe (NETGEAR)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Startup.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx File not found
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Value error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} http://tools.ebayimg...l_v1-0-3-48.cab (EPUImageControl Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} http://static.slide....ageUploader.cab (Slide Image Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} http://aolsvc.aol.co...esPlayer_v4.cab (GoBit Games Player)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://games.pogo.co...aploader_v6.cab (PopCapLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} https://secure.gopet...v/GoPetsWeb.cab (GoPetsWeb Control)
O16 - DPF: Web-Based Email Tools http://email06.secur...et/Download.CAB (Reg Error: Key error.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\MsLilly\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\MsLilly\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{bd5043f8-bc53-11da-80b4-00038a000015}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\E\Shell\phone\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/08 22:42:48 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\MsLilly\Desktop\OTL.exe
[2011/11/08 01:16:57 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/11/08 01:15:01 | 004,284,686 | R--- | C] (Swearware) -- C:\Documents and Settings\MsLilly\Desktop\ComboFix.exe
[2011/11/06 22:08:42 | 000,000,000 | ---D | C] -- C:\Program Files\SPYCATCHER 2006
[2011/11/06 21:55:39 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/11/06 21:55:39 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/11/06 21:55:39 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/11/06 21:05:51 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/11/06 21:05:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/11/06 20:12:03 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\MsLilly\Desktop\dds.scr
[2011/11/06 09:25:52 | 000,000,000 | ---D | C] -- C:\Program Files\MALWAREBYTES ANTI-MALWARE
[2011/11/06 01:05:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/11/05 22:55:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MsLilly\Application Data\SUPERAntiSpyware.com
[2011/11/05 22:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERSetup
[2011/11/05 22:49:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/11/05 22:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/11/05 22:17:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2012
[2011/11/05 22:14:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MsLilly\Application Data\AVG2012
[2011/11/05 22:13:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/11/05 01:14:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MsLilly\Start Menu\Programs\HiJackThis
[2008/01/20 16:54:25 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll

========== Files - Modified Within 30 Days ==========

[2011/11/08 22:15:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\MsLilly\Desktop\OTL.exe
[2011/11/08 01:09:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/06 19:47:33 | 000,869,194 | ---- | M] () -- C:\Documents and Settings\MsLilly\Desktop\SecurityCheck.exe
[2011/11/06 17:44:28 | 000,463,510 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/06 17:44:28 | 000,078,786 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/06 16:31:30 | 000,000,734 | ---- | M] () -- C:\Documents and Settings\MsLilly\Desktop\avg scan.csv
[2011/11/06 15:38:02 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\MsLilly\Desktop\dds.scr
[2011/11/06 01:05:38 | 000,002,451 | ---- | M] () -- C:\Documents and Settings\MsLilly\Desktop\HiJackThis.lnk
[2011/11/06 00:41:30 | 004,284,686 | R--- | M] (Swearware) -- C:\Documents and Settings\MsLilly\Desktop\ComboFix.exe
[2011/11/06 00:10:55 | 001,361,504 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/11/06 00:07:21 | 000,000,535 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/11/06 00:05:25 | 000,000,209 | RHS- | M] () -- C:\boot.ini
[2011/11/05 23:31:09 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/05 22:54:08 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/11/05 22:17:09 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/11/05 18:37:15 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/05 01:43:59 | 000,009,400 | ---- | M] () -- C:\Documents and Settings\MsLilly\Application Data\DiscPainter.ini
[2011/11/05 01:19:18 | 000,033,792 | ---- | M] () -- C:\Documents and Settings\MsLilly\My Documents\hijack this nov.wps

========== Files Created - No Company Name ==========

[2011/11/06 21:55:39 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/11/06 21:55:39 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/11/06 21:55:39 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/11/06 21:05:51 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/11/06 21:05:51 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/11/06 20:15:36 | 000,869,194 | ---- | C] () -- C:\Documents and Settings\MsLilly\Desktop\SecurityCheck.exe
[2011/11/06 16:31:30 | 000,000,734 | ---- | C] () -- C:\Documents and Settings\MsLilly\Desktop\avg scan.csv
[2011/11/06 00:05:22 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2011/11/06 00:05:22 | 000,001,725 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2011/11/06 00:05:22 | 000,001,397 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WPN111 Smart Wizard.lnk
[2011/11/06 00:05:22 | 000,001,372 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Billminder.lnk
[2011/11/06 00:05:22 | 000,001,354 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Startup.lnk
[2011/11/06 00:05:22 | 000,000,875 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
[2011/11/06 00:05:22 | 000,000,831 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk
[2011/11/06 00:05:22 | 000,000,493 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
[2011/11/05 22:49:48 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/11/05 22:17:09 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/11/05 01:19:18 | 000,033,792 | ---- | C] () -- C:\Documents and Settings\MsLilly\My Documents\hijack this nov.wps
[2011/11/05 01:14:35 | 000,002,451 | ---- | C] () -- C:\Documents and Settings\MsLilly\Desktop\HiJackThis.lnk
[2011/08/23 10:00:13 | 000,288,961 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\UNDO_15
[2011/08/23 10:00:08 | 000,288,961 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\UNDO_14
[2011/08/23 10:00:06 | 000,288,961 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\UNDO_13
[2011/08/23 09:59:54 | 000,288,961 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\UNDO_12
[2011/08/23 09:59:53 | 000,288,961 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\UNDO_11
[2011/08/23 09:59:51 | 000,288,961 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\UNDO_10
[2011/08/23 09:59:49 | 000,288,961 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\UNDO_9
[2011/08/23 09:59:48 | 000,288,961 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\UNDO_8
[2011/08/23 09:59:47 | 000,288,961 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\UNDO_7
[2011/08/23 09:59:45 | 000,288,961 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\UNDO_6
[2011/08/23 09:59:43 | 000,288,961 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\UNDO_5
[2011/08/23 09:59:42 | 000,288,961 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\UNDO_4
[2011/08/23 09:59:41 | 000,288,961 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\UNDO_3
[2011/08/23 09:59:37 | 000,288,961 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\UNDO_2
[2011/08/23 09:59:24 | 000,289,335 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\UNDO_1
[2010/08/16 15:55:37 | 000,009,400 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\DiscPainter.ini
[2010/06/12 09:32:30 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2010/06/12 09:32:30 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2010/06/12 09:32:28 | 000,149,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\ar5523.bin
[2009/11/11 21:08:02 | 000,000,100 | ---- | C] () -- C:\WINDOWS\GraphicsDesk.INI
[2009/03/27 21:04:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2009/02/01 21:52:05 | 000,032,528 | ---- | C] () -- C:\WINDOWS\amcap.exe
[2008/05/26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/05/06 10:07:15 | 000,002,304 | ---- | C] () -- C:\WINDOWS\System32\makk6rhokf6ao.dat
[2008/04/29 23:31:54 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\cardinfo.dll
[2008/04/29 23:31:54 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\bravemail.dll
[2008/04/25 09:00:14 | 000,001,403 | ---- | C] () -- C:\WINDOWS\MQPreset.ini
[2008/04/25 09:00:14 | 000,000,279 | ---- | C] () -- C:\WINDOWS\Multique.ini
[2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/03/11 23:05:20 | 000,000,030 | ---- | C] () -- C:\WINDOWS\INTURS.DAT
[2007/02/13 21:29:55 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/02/10 20:30:03 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2007/01/26 22:00:21 | 000,000,010 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2006/12/26 16:41:20 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2006/12/06 20:37:39 | 000,000,013 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\3113.sys
[2006/11/21 21:10:29 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/11/03 21:59:02 | 000,000,028 | ---- | C] () -- C:\WINDOWS\qfnonl.ini
[2006/11/03 21:58:09 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ICOA.INI
[2006/11/03 21:57:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QFN.ini
[2006/11/03 21:57:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QDQICK.ini
[2006/11/01 13:36:21 | 000,000,973 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/11/01 13:36:20 | 000,000,639 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2006/11/01 13:36:19 | 000,006,838 | ---- | C] () -- C:\WINDOWS\ICOADB32.DAT
[2006/09/17 20:40:35 | 000,000,027 | ---- | C] () -- C:\WINDOWS\pc-cillin.ini
[2006/09/16 23:56:54 | 000,003,591 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/09/16 18:23:11 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\CO_Mon.sys
[2006/09/16 18:00:34 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/08/15 20:18:32 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2006/08/15 20:18:30 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/08/15 20:18:30 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/08/15 20:18:29 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006/08/15 20:18:26 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2006/08/15 20:18:26 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2006/08/11 21:57:45 | 000,011,776 | ---- | C] () -- C:\Documents and Settings\MsLilly\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/04/20 20:41:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2006/04/06 18:17:29 | 000,060,565 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2006/04/06 18:17:29 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2006/04/06 18:17:29 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2006/04/06 18:17:29 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2006/04/06 18:17:29 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2006/04/06 18:17:29 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2006/04/06 18:17:29 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2006/04/06 18:17:29 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2006/04/06 18:17:29 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2006/04/06 18:17:29 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2006/04/06 18:17:29 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2006/04/06 18:17:28 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2006/04/06 18:17:28 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2006/04/06 18:17:28 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2006/04/06 18:16:23 | 000,000,044 | ---- | C] () -- C:\WINDOWS\EPCX4200.ini
[2006/03/28 23:47:13 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT
[2006/03/27 00:35:04 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2006/03/25 21:17:08 | 000,000,013 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\jgalt.ayn
[2006/03/25 20:49:23 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\A13B40A296.sys
[2006/03/25 17:33:01 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/03/25 17:32:12 | 000,005,852 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/03/25 17:31:33 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\PFP120JPR.{PB
[2006/03/25 17:31:33 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\MsLilly\Application Data\PFP120JCM.{PB
[2006/03/25 16:15:13 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\MsLilly\Local Settings\Application Data\fusioncache.dat
[2006/03/21 17:00:34 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/03/21 16:55:38 | 000,000,165 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/03/21 16:53:32 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/03/21 16:49:33 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/03/21 16:27:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/03/21 16:27:08 | 000,095,617 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/03/21 16:26:28 | 000,000,387 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 09:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/16 05:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 05:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 05:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 05:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 05:27:59 | 001,361,504 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 05:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/16 05:18:33 | 000,463,510 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 05:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/16 05:18:33 | 000,078,786 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 05:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/16 05:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/16 05:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/16 05:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/16 05:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/16 05:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/16 05:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/08/16 05:18:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/08/05 15:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2011/11/05 22:28:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2009/03/02 20:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund
[2010/09/20 12:06:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund LLC
[2009/01/03 01:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2010/09/01 07:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/11/10 12:34:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2005/08/16 21:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2011/11/06 18:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2008/04/27 23:41:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2008/02/01 09:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games
[2008/06/18 08:07:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2008/06/20 09:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoBit Games
[2008/01/26 10:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii
[2011/11/05 22:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/10/22 22:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/08/11 12:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Photodex
[2009/07/01 19:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2007/02/28 19:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Playtonium Games
[2006/04/04 17:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2007/02/16 10:10:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2009/01/03 15:53:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2011/11/05 22:53:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERSetup
[2009/07/01 20:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/11/06 17:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tenebril
[2007/06/29 09:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2010/09/03 08:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{ECC164E0-3133-4C70-A831-F08DB2940F70}
[2011/11/05 01:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\Amazon
[2011/11/05 22:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\AVG2012
[2010/09/03 08:50:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\CallingID
[2006/03/25 21:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\CoffeeCup Software
[2006/09/22 22:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\EPSON
[2008/02/01 09:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\Flood Light Games
[2006/06/06 16:02:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\funkitron
[2008/06/19 08:31:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\Gaijin Ent
[2008/08/18 09:31:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\Gamelab
[2009/11/11 20:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\Hemera
[2009/10/07 20:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\IObit
[2006/03/25 17:30:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\Leadertech
[2009/06/21 21:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\LimeWire
[2008/07/16 21:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\mjusbsp
[2009/01/03 00:39:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\MyLogoMaker
[2010/08/11 12:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\Netscape
[2010/08/11 12:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\Photodex
[2009/07/01 19:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\PlayFirst
[2009/07/01 19:36:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\Pogo Games
[2009/10/08 22:56:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\Simple Star
[2006/09/16 11:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\Tenebril
[2011/11/06 18:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\Uniblue
[2008/11/24 20:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\Viewpoint
[2009/05/05 23:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\Windows Desktop Search
[2009/05/07 23:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MsLilly\Application Data\Windows Search

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:949483BD
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8E29393
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E94F23CD
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9B7E8561
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:13B137AF
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D61FFEE
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:588B60C7
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8DD623B3
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CF23EC3

< End of report >

#2
RKinner

    Malware Expert

  • Expert
  • 19,786 posts
  • MVP
To install the Windows Recovery Console when you do not have the Windows XP CD, please follow these instructions:

Click on the following link to go to Microsoft's Web site:

http://support.microsoft.com/kb/310994

At that page, scroll down and click on the appropriate download for your version of Windows XP (Home or Professional) and the service pack level that you have installed. When you click on the link to download the file, make sure you save it directly to your desktop. If you are using Windows XP Media Center, then you should select the Windows XP Pro Service Pack 2 download.

Once the Microsoft file has finished downloading, you should drag it on top of the ComboFix icon and let your mouse button go.

ComboFix should start and install the Recovery Console. You will have to agree a couple of times, then it should continue with the scan.

Start, Run, cmd, OK to bring up a command window. Type with an Enter after each line:

ipconfig /all

(Do you get an error? If not, what IP address does it have?)

nslookup att.com

(Do you get IP addresses or does it time out?)

net start dhcp
(Does it say it is started already or do you get an error?)



Ron

#3
MichelleDavis

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Urgh, I took it to the shop, cause it wouldn't start up. :)

He says there's several things wrong -- the main thing is something about the boot drive? So they are working on it now. Sorry to have started this and not be able to go on fixing it myself.

I love this site though. And I will continue to use it when I have any problems.

Thanks again.