[Onaipian]

Nicely done with replacing svchost! I see a few more bits of malware, which we will take care of, and then we will get one last check. I've also posted some steps to restore permissions.


STEP 1
Run OTL (Double click to run)

• Under the Custom Scans/Fixes box at the bottom, paste in the following:
  
  

  :OTL
  IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL File not found
  O3 - HKCU\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL File not found
  O29 - HKLM SecurityProviders - (xlibgfl254.dll) - .Trashes [2008/11/03 13:08:10 | 00,000,000 | -H-D | M]
  O34 - HKLM BootExecute: (stera) - File not found
  
  :Services
  
  :Reg
  
  :Files
  
  :Commands
  [purity]
  [emptytemp]
  [Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

STEP 2
We removed an infection earlier that borked some of your permissions. This tool will restore them, but you will have to do each individually. (Detailed instructions below)

Please download Inherit, by sUBs to your Desktop.

• Drag each .exe that won't run into Inherit one by one to restore permissions.
• Be sure that you use the .exe, not a shortcut.
• Wait for a prompt signalling its finish. Click Ok.

Note:
For AVG, you should be able to find most .exe's in C:\Program Files\AVG\AVG8. I have no idea what ones the virus may have targeted, however, there is no harm in dragging a normal working file into it; so you will be able to get it through trial and error.




STEP 3
Please download Malwarebytes' Anti-Malware from Here or Here

• Double Click mbam-setup.exe to install the application.
• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.



STEP 4
Please download JavaRa to your desktop and unzip it to its own folder

• Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
• Accept any prompts.
• Open JavaRa.exe again and select Search For Updates.
• Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.

STEP 5
Using Internet Explorer or Firefox, visit Kaspersky Online Scanner

1. Click Accept, when prompted to download and install the program files and database of malware definitions.

2. To optimize scanning time and produce a more sensible report for review:

• Close any open programs
• Turn off the real time scanner of any existing antivirus program while performing the online scan. Click HERE to see how to disable the most common antivirus programs.

3. Click Run at the Security prompt.

The program will then begin downloading and installing and will also update the database.
Please be patient as this can take quite a long time to download.

• Once the update is complete, click on Settings.
• Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
  • Spyware, adware, dialers, and other riskware
  • Archives
  • E-mail databases
• Click on My Computer under the green Scan bar to the left to start the scan.
• Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
• Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
• Click View report... at the bottom.
• Click the Save report... button.
  
  
  
  
• Change the Files of type dropdown box to Text file (.txt) and name the file KasReport.txt to save the file to your desktop so that you may post it in your next reply

STEP 6
Remember to post back the following logs:

• OTL log
• MalwareBytes' Log
• Kaspersky Results

[Advertisements]

OTL logfile created on: 10/25/2009 9:52:13 PM - Run 4
OTL by OldTimer - Version 3.0.21.0 Folder = g:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

479.53 Mb Total Physical Memory | 44.05 Mb Available Physical Memory | 9.19% Memory free
1.10 Gb Paging File | 0.71 Gb Available in Paging File | 64.91% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 13.97 Gb Total Space | 1.38 Gb Free Space | 9.88% Space Free | Partition Type: NTFS
Drive D: | 167.33 Gb Total Space | 67.74 Gb Free Space | 40.48% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 247.22 Mb Total Space | 182.91 Mb Free Space | 73.98% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: RICKERT-1
Current User Name: Jennifer
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/10/19 17:15:58 | 00,521,216 | ---- | M] (OldTimer Tools) -- g:\otl.exe
PRC - [2009/08/27 08:47:33 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/07/25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/03/10 14:57:18 | 01,553,920 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Verizon\McciTrayApp.exe
PRC - [2009/02/20 13:52:23 | 00,303,104 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciCMService.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/04/11 13:13:04 | 00,151,552 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\Pelmiced.exe
PRC - [2007/01/04 17:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe
PRC - [2006/04/24 14:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006/01/20 14:48:06 | 00,142,416 | R--- | M] (Command Software Systems, Inc.) -- C:\Program Files\Common Files\Command Software\dvpapi.exe
PRC - [2004/07/14 15:36:54 | 00,057,344 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\ICO.EXE
PRC - [2004/03/12 20:32:38 | 00,086,098 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
PRC - [2004/03/12 15:20:34 | 01,691,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
PRC - [2004/02/25 08:22:06 | 00,737,280 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
PRC - [2004/02/25 08:12:38 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
PRC - [2003/12/05 16:32:56 | 00,077,824 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\shwserv.exe
PRC - [2003/12/05 16:32:06 | 00,090,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\RM_SV.exe
PRC - [2003/10/30 15:48:10 | 01,286,144 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe
PRC - [2003/10/06 23:26:10 | 00,229,376 | ---- | M] (Sony Corporation) -- C:\Program Files\sony\usbsircs\usbsircs.exe
PRC - [2003/07/28 21:12:18 | 00,019,968 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\Logi_MwX.Exe
PRC - [2003/02/17 01:35:06 | 00,053,248 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
PRC - [2002/08/20 14:29:26 | 00,040,960 | ---- | M] (Easy Systems Japan Ltd.) -- C:\WINDOWS\System32\ezSP_Px.exe

========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (WSearch [Auto | Stopped])
SRV - File not found -- -- (SymWSC [Auto | Stopped])
SRV - File not found -- -- (OneCareMP [Disabled | Stopped])
SRV - File not found -- -- (msfwsvc [Disabled | Stopped])
SRV - [2009/08/27 08:46:43 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Disabled | Stopped])
SRV - [2009/08/27 08:46:23 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Stopped])
SRV - [2009/07/25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009/02/20 13:52:23 | 00,303,104 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciCMService.exe -- (McciCMService [Auto | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
SRV - [2007/01/04 17:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Running])
SRV - [2006/10/26 15:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Auto | Running])
SRV - [2006/04/24 14:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2006/01/20 14:48:06 | 00,142,416 | R--- | M] (Command Software Systems, Inc.) -- C:\Program Files\Common Files\Command Software\dvpapi.exe -- (dvpapi [Auto | Running])
SRV - [2005/05/04 00:04:28 | 09,150,464 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe -- (MSSQL$PINNACLESYS [Disabled | Stopped])
SRV - [2005/05/03 22:50:28 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [On_Demand | Stopped])
SRV - [2005/05/03 21:42:56 | 00,323,584 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE -- (SQLAgent$PINNACLESYS [Disabled | Stopped])
SRV - [2004/03/12 20:33:54 | 00,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe -- (VAIO Entertainment Aggregation and Control Service [On_Demand | Stopped])
SRV - [2004/03/12 20:32:38 | 00,086,098 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe -- (VAIO Entertainment File Import Service [Auto | Running])
SRV - [2004/03/12 20:11:34 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service [On_Demand | Stopped])
SRV - [2004/03/12 19:57:42 | 00,278,528 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -- (VAIO Entertainment UPnP Client Adapter [On_Demand | Stopped])
SRV - [2004/03/12 15:20:34 | 01,691,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer [Auto | Running])
SRV - [2004/03/05 16:35:34 | 00,184,320 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped])
SRV - [2004/02/25 08:22:06 | 00,737,280 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-VideoServer-UPnP [Auto | Running])
SRV - [2004/02/25 08:22:06 | 00,737,280 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP [Auto | Running])
SRV - [2004/02/25 08:12:38 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-VideoServer-HTTP [Auto | Running])
SRV - [2004/02/25 08:12:38 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP [Auto | Running])
SRV - [2003/12/09 09:38:14 | 00,065,625 | ---- | M] () -- C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe -- (PACSPTISVR [On_Demand | Stopped])
SRV - [2003/12/09 09:32:58 | 00,065,622 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe -- (SPTISRV [On_Demand | Stopped])
SRV - [2003/12/05 16:32:56 | 00,077,824 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\shwserv.exe -- (Giga Pocket Hardware Detector [Auto | Running])
SRV - [2003/12/05 16:32:06 | 00,090,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\RM_SV.exe -- (Sony TV Tuner Manager [On_Demand | Running])
SRV - [2003/10/30 15:48:10 | 01,286,144 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe -- (VAIOMediaPlatform-VideoServer-AppServer [Auto | Running])
SRV - [2003/09/25 16:38:56 | 00,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\halsv.exe -- (Sony TV Tuner Controller [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.verizon.net/
IE - HKCU\..\URLSearchHook: *{00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/05/30 17:55:31 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008/12/10 01:12:06 | 00,000,000 | ---D | M]


O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll File not found
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe (Easy Systems Japan Ltd.)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\Logi_MwX.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ICO.EXE (Primax Electronics Ltd.)
O4 - HKLM..\Run: [Personal Security Center Monitor] C:\WINDOWS\System32\isc_ui.exe File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINDOWS\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100458 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident\4.0; FunWebProducts; Mozilla\4.0 ( File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Remocon Driver.lnk = C:\Program Files\sony\usbsircs\usbsircs.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VAIO Action Setup (Server).lnk = C:\Program Files\Sony\VAIO Action Setup\VAServ.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8 - Extra context menu item: &Search - File not found
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll File not found
O8 - Extra context menu item: Add to Windows &Live Favorites - File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Steph\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 63.219.181.7 ([]http in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (VaioInfo.CMClass)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...01/mcinsctl.cab (McAfee.com Operating System Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1163367750046 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} http://ak.imgag.com/...tall/AxCtp2.cab (Create & Print ActiveX Plug-in)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcaf...,26/mcgdmgr.cab (DwnldGroupMgr Class)
O16 - DPF: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll File not found
O29 - HKLM SecurityProviders - (ntoskrnl.dll) - .DS_Store ()
O29 - HKLM SecurityProviders - (xlibgfl254.dll) - .DS_Store ()
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/05/20 17:10:50 | 00,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 14 Days ==========

[2009/10/15 17:09:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/10/22 01:56:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jennifer\Application Data\AVG8
[2009/10/15 17:09:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jennifer\Application Data\Malwarebytes
[2009/10/22 01:54:12 | 00,889,840 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Jennifer\Desktop\avg_free_stb_all_8_37_cnet.exe
[2009/10/21 20:17:30 | 00,000,000 | ---D | C] -- C:\Avenger
[2009/10/18 10:33:45 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/10/18 10:31:02 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/10/18 10:31:02 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/10/18 10:31:02 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/10/18 10:31:02 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/10/18 10:30:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/10/18 10:29:09 | 00,000,000 | ---D | C] -- C:\Qoobox
[2007/03/25 21:06:02 | 00,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll

========== Files - Modified Within 14 Days ==========

[2009/10/25 21:58:00 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C71330FF-3D32-4CDC-877B-2A4D8C7B5123}.job
[2009/10/25 21:49:16 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/25 21:47:52 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/25 21:47:42 | 00,002,048 | ---- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/25 17:31:51 | 00,002,313 | ---- | M] () -- C:\Documents and Settings\Jennifer\Desktop\Microsoft Office Word 2007.lnk
[2009/10/25 17:28:22 | 00,013,627 | ---- | M] () -- C:\Documents and Settings\Jennifer\My Documents\SLR 2009 - Sarris Christmas.xlsx
[2009/10/25 16:49:12 | 00,002,275 | ---- | M] () -- C:\Documents and Settings\Jennifer\Desktop\Microsoft Office Excel 2007.lnk
[2009/10/23 09:18:34 | 00,017,477 | ---- | M] () -- C:\Documents and Settings\Jennifer\My Documents\SLR 2009 - Applelicious.xlsx
[2009/10/22 02:15:50 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/22 02:13:03 | 02,638,804 | -H-- | M] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\IconCache.db
[2009/10/22 02:11:35 | 00,000,451 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/10/22 01:54:17 | 00,889,840 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Jennifer\Desktop\avg_free_stb_all_8_37_cnet.exe
[2009/10/22 01:16:13 | 00,000,682 | ---- | M] () -- C:\Documents and Settings\Jennifer\Desktop\oldreg.reg
[2009/10/22 01:09:02 | 00,071,544 | ---- | M] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/10/22 00:52:51 | 00,445,532 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/10/22 00:52:51 | 00,078,402 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/10/22 00:52:50 | 00,534,402 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/10/21 06:31:36 | 00,255,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/21 06:10:11 | 00,002,279 | ---- | M] () -- C:\Documents and Settings\Jennifer\Desktop\Microsoft Office PowerPoint 2007.lnk
[2009/10/20 18:34:00 | 00,056,832 | ---- | M] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/19 07:28:17 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/10/18 10:34:28 | 00,000,281 | -HS- | M] () -- C:\boot.ini
[2009/10/17 17:54:49 | 43,179,769 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/10/16 08:35:14 | 00,033,037 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/10/14 09:10:52 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/10/14 09:10:51 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/10/11 22:35:08 | 00,015,179 | ---- | M] () -- C:\Documents and Settings\Jennifer\My Documents\SLR 2008 - Applelicious.xlsx

========== Files - No Company Name ==========
[2009/10/22 10:06:14 | 00,013,627 | ---- | C] () -- C:\Documents and Settings\Jennifer\My Documents\SLR 2009 - Sarris Christmas.xlsx
[2009/10/22 01:16:13 | 00,000,682 | ---- | C] () -- C:\Documents and Settings\Jennifer\Desktop\oldreg.reg
[2009/10/18 10:34:28 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/10/18 10:34:25 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/10/18 10:31:02 | 00,236,544 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/10/18 10:31:02 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/10/18 10:31:02 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/10/18 10:31:02 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/09/20 19:11:53 | 00,000,253 | ---- | C] () -- C:\WINDOWS\Creator.INI
[2009/09/20 18:03:23 | 00,000,035 | ---- | C] () -- C:\WINDOWS\SIMTOWN.INI
[2009/06/30 19:34:04 | 02,638,804 | -H-- | C] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\IconCache.db
[2009/04/25 14:08:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PCFriend.INI
[2008/01/05 02:59:25 | 00,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2008/01/05 02:58:04 | 00,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2008/01/05 02:58:04 | 00,000,059 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2007/12/09 21:58:34 | 00,000,037 | ---- | C] () -- C:\WINDOWS\marscam.ini
[2007/06/08 06:59:31 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/05/20 18:36:10 | 00,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2007/05/20 17:10:50 | 00,000,347 | ---- | C] () -- C:\WINDOWS\VFO.INI
[2007/04/26 23:13:04 | 00,001,080 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/04/17 20:51:57 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2007/03/24 18:13:29 | 00,000,030 | ---- | C] () -- C:\WINDOWS\Caesar2.ini
[2007/02/12 14:33:26 | 00,056,832 | ---- | C] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/10/14 17:37:33 | 00,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/09/25 22:32:00 | 00,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2005/09/10 15:20:55 | 00,000,331 | ---- | C] () -- C:\WINDOWS\WinFrotz.INI
[2005/08/07 16:01:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2005/08/02 23:11:06 | 00,000,011 | ---- | C] () -- C:\WINDOWS\exchng.ini
[2005/07/23 12:34:19 | 00,000,020 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005/05/09 19:41:05 | 00,039,424 | RHS- | C] () -- C:\WINDOWS\System32\shdocpl.dll
[2005/04/18 17:04:59 | 00,071,544 | ---- | C] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2004/09/15 20:37:38 | 00,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2004/09/15 19:42:55 | 00,000,021 | ---- | C] () -- C:\WINDOWS\PI_setup.ini
[2004/09/15 19:40:38 | 00,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2004/09/15 19:40:38 | 00,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2004/09/15 19:36:47 | 00,000,196 | ---- | C] () -- C:\WINDOWS\EPSON RX500 Installer.ini
[2004/09/15 12:46:41 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Jennifer\Application Data\desktop.ini
[2004/05/20 18:08:07 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/05/20 18:08:07 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/05/20 18:08:07 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/05/20 18:08:07 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/05/20 18:08:07 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/05/20 18:08:07 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/05/20 18:03:05 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\Px.ini
[2004/05/20 18:02:07 | 00,000,737 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/03/09 18:53:25 | 00,000,903 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/03/09 18:50:59 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2004/03/09 18:46:27 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[2004/03/08 23:50:51 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/03/08 18:11:51 | 00,034,403 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2004/03/08 18:11:51 | 00,016,558 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2004/03/08 18:07:51 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\setuplib.dll
[2004/03/08 17:09:41 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/03/08 15:49:01 | 00,000,800 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/03/08 14:36:51 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\cbldrm.dll
[2004/03/08 14:36:50 | 00,000,730 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/03/08 14:36:37 | 00,000,839 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/03/08 14:36:35 | 00,000,451 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/03/08 07:40:35 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2003/08/12 12:58:40 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\lttls13n.dll
[2003/08/12 12:58:32 | 00,708,608 | ---- | C] () -- C:\WINDOWS\System32\ltcry13n.dll
[2003/08/12 12:58:22 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2003/08/12 12:58:20 | 00,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2002/06/12 16:21:12 | 00,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll
[2001/10/12 11:58:20 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\mr310exd.dll
[2001/10/12 11:57:18 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\mr310exv.dll
[2000/12/07 11:13:58 | 00,015,164 | ---- | C] () -- C:\WINDOWS\mr310twc.ini
[1998/10/11 01:07:38 | 00,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
[1997/07/11 00:00:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/07/11 00:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[1997/06/13 20:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2009/10/22 02:07:26 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2007/05/20 16:35:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2009/07/04 06:17:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2006/12/27 11:52:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fellowes
[2006/09/23 10:53:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freedom
[2009/09/16 07:57:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive
[2006/09/23 10:00:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2009/07/06 19:11:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2009/02/11 22:46:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2007/05/20 17:30:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
[2006/11/03 17:31:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QubeSoft
[2004/03/08 15:49:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2008/06/01 14:45:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Verizon
[2009/02/10 19:33:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/01/01 12:36:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/10/22 01:56:17 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Jennifer\Application Data
[2004/09/15 22:39:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\ArcSoft
[2009/06/14 14:39:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\AVGTOOLBAR
[2009/09/18 19:40:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Costco Photo Viewer US
[2004/11/13 13:37:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Drag'n Drop CD+DVD
[2008/12/25 15:56:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\EPSON
[2009/04/01 20:44:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\ErrorFix
[2009/03/20 23:04:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\gtk-2.0
[2007/06/10 09:35:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\IMVU
[2009/03/20 23:31:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\InterVideo
[2006/07/16 09:49:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Leadertech
[2009/09/16 07:48:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Motive
[2008/04/28 10:23:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Move Networks
[2006/09/25 22:08:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\MSN6
[2006/09/25 22:08:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\MSNInstaller
[2008/03/20 22:49:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\pdf995
[2004/09/15 22:30:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Smart Panel
[2007/09/26 08:46:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\U3
[2006/09/23 21:13:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Verizon
[2007/01/25 12:32:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\WinAntiVirus Pro 2006
[2009/03/15 09:04:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Windows Search
[2009/04/01 22:26:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\yoclient
[2003/03/31 08:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2004/09/14 23:53:59 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 2.job
[2009/10/25 21:47:52 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/10/25 21:58:00 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{C71330FF-3D32-4CDC-877B-2A4D8C7B5123}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\rpcss.dll:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\dllcache\rpcss.dll:SummaryInformation
< End of report >

[Maengar]

OTL logfile created on: 10/25/2009 9:52:13 PM - Run 4
OTL by OldTimer - Version 3.0.21.0 Folder = g:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

479.53 Mb Total Physical Memory | 44.05 Mb Available Physical Memory | 9.19% Memory free
1.10 Gb Paging File | 0.71 Gb Available in Paging File | 64.91% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 13.97 Gb Total Space | 1.38 Gb Free Space | 9.88% Space Free | Partition Type: NTFS
Drive D: | 167.33 Gb Total Space | 67.74 Gb Free Space | 40.48% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 247.22 Mb Total Space | 182.91 Mb Free Space | 73.98% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: RICKERT-1
Current User Name: Jennifer
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/10/19 17:15:58 | 00,521,216 | ---- | M] (OldTimer Tools) -- g:\otl.exe
PRC - [2009/08/27 08:47:33 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/07/25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/03/10 14:57:18 | 01,553,920 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Verizon\McciTrayApp.exe
PRC - [2009/02/20 13:52:23 | 00,303,104 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciCMService.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/04/11 13:13:04 | 00,151,552 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\Pelmiced.exe
PRC - [2007/01/04 17:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe
PRC - [2006/04/24 14:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006/01/20 14:48:06 | 00,142,416 | R--- | M] (Command Software Systems, Inc.) -- C:\Program Files\Common Files\Command Software\dvpapi.exe
PRC - [2004/07/14 15:36:54 | 00,057,344 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\ICO.EXE
PRC - [2004/03/12 20:32:38 | 00,086,098 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
PRC - [2004/03/12 15:20:34 | 01,691,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
PRC - [2004/02/25 08:22:06 | 00,737,280 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
PRC - [2004/02/25 08:12:38 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
PRC - [2003/12/05 16:32:56 | 00,077,824 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\shwserv.exe
PRC - [2003/12/05 16:32:06 | 00,090,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\RM_SV.exe
PRC - [2003/10/30 15:48:10 | 01,286,144 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe
PRC - [2003/10/06 23:26:10 | 00,229,376 | ---- | M] (Sony Corporation) -- C:\Program Files\sony\usbsircs\usbsircs.exe
PRC - [2003/07/28 21:12:18 | 00,019,968 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\Logi_MwX.Exe
PRC - [2003/02/17 01:35:06 | 00,053,248 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
PRC - [2002/08/20 14:29:26 | 00,040,960 | ---- | M] (Easy Systems Japan Ltd.) -- C:\WINDOWS\System32\ezSP_Px.exe

========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (WSearch [Auto | Stopped])
SRV - File not found -- -- (SymWSC [Auto | Stopped])
SRV - File not found -- -- (OneCareMP [Disabled | Stopped])
SRV - File not found -- -- (msfwsvc [Disabled | Stopped])
SRV - [2009/08/27 08:46:43 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Disabled | Stopped])
SRV - [2009/08/27 08:46:23 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Stopped])
SRV - [2009/07/25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009/02/20 13:52:23 | 00,303,104 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciCMService.exe -- (McciCMService [Auto | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
SRV - [2007/01/04 17:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Running])
SRV - [2006/10/26 15:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Auto | Running])
SRV - [2006/04/24 14:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2006/01/20 14:48:06 | 00,142,416 | R--- | M] (Command Software Systems, Inc.) -- C:\Program Files\Common Files\Command Software\dvpapi.exe -- (dvpapi [Auto | Running])
SRV - [2005/05/04 00:04:28 | 09,150,464 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe -- (MSSQL$PINNACLESYS [Disabled | Stopped])
SRV - [2005/05/03 22:50:28 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [On_Demand | Stopped])
SRV - [2005/05/03 21:42:56 | 00,323,584 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE -- (SQLAgent$PINNACLESYS [Disabled | Stopped])
SRV - [2004/03/12 20:33:54 | 00,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe -- (VAIO Entertainment Aggregation and Control Service [On_Demand | Stopped])
SRV - [2004/03/12 20:32:38 | 00,086,098 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe -- (VAIO Entertainment File Import Service [Auto | Running])
SRV - [2004/03/12 20:11:34 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service [On_Demand | Stopped])
SRV - [2004/03/12 19:57:42 | 00,278,528 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -- (VAIO Entertainment UPnP Client Adapter [On_Demand | Stopped])
SRV - [2004/03/12 15:20:34 | 01,691,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer [Auto | Running])
SRV - [2004/03/05 16:35:34 | 00,184,320 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped])
SRV - [2004/02/25 08:22:06 | 00,737,280 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-VideoServer-UPnP [Auto | Running])
SRV - [2004/02/25 08:22:06 | 00,737,280 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP [Auto | Running])
SRV - [2004/02/25 08:12:38 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-VideoServer-HTTP [Auto | Running])
SRV - [2004/02/25 08:12:38 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP [Auto | Running])
SRV - [2003/12/09 09:38:14 | 00,065,625 | ---- | M] () -- C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe -- (PACSPTISVR [On_Demand | Stopped])
SRV - [2003/12/09 09:32:58 | 00,065,622 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe -- (SPTISRV [On_Demand | Stopped])
SRV - [2003/12/05 16:32:56 | 00,077,824 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\shwserv.exe -- (Giga Pocket Hardware Detector [Auto | Running])
SRV - [2003/12/05 16:32:06 | 00,090,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\RM_SV.exe -- (Sony TV Tuner Manager [On_Demand | Running])
SRV - [2003/10/30 15:48:10 | 01,286,144 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe -- (VAIOMediaPlatform-VideoServer-AppServer [Auto | Running])
SRV - [2003/09/25 16:38:56 | 00,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\halsv.exe -- (Sony TV Tuner Controller [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.verizon.net/
IE - HKCU\..\URLSearchHook: *{00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/05/30 17:55:31 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008/12/10 01:12:06 | 00,000,000 | ---D | M]


O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll File not found
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe (Easy Systems Japan Ltd.)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\Logi_MwX.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ICO.EXE (Primax Electronics Ltd.)
O4 - HKLM..\Run: [Personal Security Center Monitor] C:\WINDOWS\System32\isc_ui.exe File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINDOWS\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100458 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident\4.0; FunWebProducts; Mozilla\4.0 ( File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Remocon Driver.lnk = C:\Program Files\sony\usbsircs\usbsircs.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VAIO Action Setup (Server).lnk = C:\Program Files\Sony\VAIO Action Setup\VAServ.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8 - Extra context menu item: &Search - File not found
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll File not found
O8 - Extra context menu item: Add to Windows &Live Favorites - File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Steph\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 63.219.181.7 ([]http in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (VaioInfo.CMClass)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...01/mcinsctl.cab (McAfee.com Operating System Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1163367750046 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} http://ak.imgag.com/...tall/AxCtp2.cab (Create & Print ActiveX Plug-in)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcaf...,26/mcgdmgr.cab (DwnldGroupMgr Class)
O16 - DPF: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll File not found
O29 - HKLM SecurityProviders - (ntoskrnl.dll) - .DS_Store ()
O29 - HKLM SecurityProviders - (xlibgfl254.dll) - .DS_Store ()
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/05/20 17:10:50 | 00,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 14 Days ==========

[2009/10/15 17:09:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/10/22 01:56:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jennifer\Application Data\AVG8
[2009/10/15 17:09:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jennifer\Application Data\Malwarebytes
[2009/10/22 01:54:12 | 00,889,840 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Jennifer\Desktop\avg_free_stb_all_8_37_cnet.exe
[2009/10/21 20:17:30 | 00,000,000 | ---D | C] -- C:\Avenger
[2009/10/18 10:33:45 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/10/18 10:31:02 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/10/18 10:31:02 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/10/18 10:31:02 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/10/18 10:31:02 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/10/18 10:30:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/10/18 10:29:09 | 00,000,000 | ---D | C] -- C:\Qoobox
[2007/03/25 21:06:02 | 00,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll

========== Files - Modified Within 14 Days ==========

[2009/10/25 21:58:00 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C71330FF-3D32-4CDC-877B-2A4D8C7B5123}.job
[2009/10/25 21:49:16 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/25 21:47:52 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/25 21:47:42 | 00,002,048 | ---- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/25 17:31:51 | 00,002,313 | ---- | M] () -- C:\Documents and Settings\Jennifer\Desktop\Microsoft Office Word 2007.lnk
[2009/10/25 17:28:22 | 00,013,627 | ---- | M] () -- C:\Documents and Settings\Jennifer\My Documents\SLR 2009 - Sarris Christmas.xlsx
[2009/10/25 16:49:12 | 00,002,275 | ---- | M] () -- C:\Documents and Settings\Jennifer\Desktop\Microsoft Office Excel 2007.lnk
[2009/10/23 09:18:34 | 00,017,477 | ---- | M] () -- C:\Documents and Settings\Jennifer\My Documents\SLR 2009 - Applelicious.xlsx
[2009/10/22 02:15:50 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/22 02:13:03 | 02,638,804 | -H-- | M] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\IconCache.db
[2009/10/22 02:11:35 | 00,000,451 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/10/22 01:54:17 | 00,889,840 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Jennifer\Desktop\avg_free_stb_all_8_37_cnet.exe
[2009/10/22 01:16:13 | 00,000,682 | ---- | M] () -- C:\Documents and Settings\Jennifer\Desktop\oldreg.reg
[2009/10/22 01:09:02 | 00,071,544 | ---- | M] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/10/22 00:52:51 | 00,445,532 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/10/22 00:52:51 | 00,078,402 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/10/22 00:52:50 | 00,534,402 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/10/21 06:31:36 | 00,255,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/21 06:10:11 | 00,002,279 | ---- | M] () -- C:\Documents and Settings\Jennifer\Desktop\Microsoft Office PowerPoint 2007.lnk
[2009/10/20 18:34:00 | 00,056,832 | ---- | M] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/19 07:28:17 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/10/18 10:34:28 | 00,000,281 | -HS- | M] () -- C:\boot.ini
[2009/10/17 17:54:49 | 43,179,769 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/10/16 08:35:14 | 00,033,037 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/10/14 09:10:52 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/10/14 09:10:51 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/10/11 22:35:08 | 00,015,179 | ---- | M] () -- C:\Documents and Settings\Jennifer\My Documents\SLR 2008 - Applelicious.xlsx

========== Files - No Company Name ==========
[2009/10/22 10:06:14 | 00,013,627 | ---- | C] () -- C:\Documents and Settings\Jennifer\My Documents\SLR 2009 - Sarris Christmas.xlsx
[2009/10/22 01:16:13 | 00,000,682 | ---- | C] () -- C:\Documents and Settings\Jennifer\Desktop\oldreg.reg
[2009/10/18 10:34:28 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/10/18 10:34:25 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/10/18 10:31:02 | 00,236,544 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/10/18 10:31:02 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/10/18 10:31:02 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/10/18 10:31:02 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/09/20 19:11:53 | 00,000,253 | ---- | C] () -- C:\WINDOWS\Creator.INI
[2009/09/20 18:03:23 | 00,000,035 | ---- | C] () -- C:\WINDOWS\SIMTOWN.INI
[2009/06/30 19:34:04 | 02,638,804 | -H-- | C] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\IconCache.db
[2009/04/25 14:08:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PCFriend.INI
[2008/01/05 02:59:25 | 00,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2008/01/05 02:58:04 | 00,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2008/01/05 02:58:04 | 00,000,059 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2007/12/09 21:58:34 | 00,000,037 | ---- | C] () -- C:\WINDOWS\marscam.ini
[2007/06/08 06:59:31 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/05/20 18:36:10 | 00,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2007/05/20 17:10:50 | 00,000,347 | ---- | C] () -- C:\WINDOWS\VFO.INI
[2007/04/26 23:13:04 | 00,001,080 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/04/17 20:51:57 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2007/03/24 18:13:29 | 00,000,030 | ---- | C] () -- C:\WINDOWS\Caesar2.ini
[2007/02/12 14:33:26 | 00,056,832 | ---- | C] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/10/14 17:37:33 | 00,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/09/25 22:32:00 | 00,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2005/09/10 15:20:55 | 00,000,331 | ---- | C] () -- C:\WINDOWS\WinFrotz.INI
[2005/08/07 16:01:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2005/08/02 23:11:06 | 00,000,011 | ---- | C] () -- C:\WINDOWS\exchng.ini
[2005/07/23 12:34:19 | 00,000,020 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005/05/09 19:41:05 | 00,039,424 | RHS- | C] () -- C:\WINDOWS\System32\shdocpl.dll
[2005/04/18 17:04:59 | 00,071,544 | ---- | C] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2004/09/15 20:37:38 | 00,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2004/09/15 19:42:55 | 00,000,021 | ---- | C] () -- C:\WINDOWS\PI_setup.ini
[2004/09/15 19:40:38 | 00,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2004/09/15 19:40:38 | 00,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2004/09/15 19:36:47 | 00,000,196 | ---- | C] () -- C:\WINDOWS\EPSON RX500 Installer.ini
[2004/09/15 12:46:41 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Jennifer\Application Data\desktop.ini
[2004/05/20 18:08:07 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/05/20 18:08:07 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/05/20 18:08:07 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/05/20 18:08:07 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/05/20 18:08:07 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/05/20 18:08:07 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/05/20 18:03:05 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\Px.ini
[2004/05/20 18:02:07 | 00,000,737 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/03/09 18:53:25 | 00,000,903 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/03/09 18:50:59 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2004/03/09 18:46:27 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[2004/03/08 23:50:51 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/03/08 18:11:51 | 00,034,403 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2004/03/08 18:11:51 | 00,016,558 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2004/03/08 18:07:51 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\setuplib.dll
[2004/03/08 17:09:41 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/03/08 15:49:01 | 00,000,800 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/03/08 14:36:51 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\cbldrm.dll
[2004/03/08 14:36:50 | 00,000,730 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/03/08 14:36:37 | 00,000,839 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/03/08 14:36:35 | 00,000,451 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/03/08 07:40:35 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2003/08/12 12:58:40 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\lttls13n.dll
[2003/08/12 12:58:32 | 00,708,608 | ---- | C] () -- C:\WINDOWS\System32\ltcry13n.dll
[2003/08/12 12:58:22 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2003/08/12 12:58:20 | 00,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2002/06/12 16:21:12 | 00,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll
[2001/10/12 11:58:20 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\mr310exd.dll
[2001/10/12 11:57:18 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\mr310exv.dll
[2000/12/07 11:13:58 | 00,015,164 | ---- | C] () -- C:\WINDOWS\mr310twc.ini
[1998/10/11 01:07:38 | 00,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
[1997/07/11 00:00:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/07/11 00:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[1997/06/13 20:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2009/10/22 02:07:26 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2007/05/20 16:35:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2009/07/04 06:17:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2006/12/27 11:52:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fellowes
[2006/09/23 10:53:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freedom
[2009/09/16 07:57:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive
[2006/09/23 10:00:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2009/07/06 19:11:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2009/02/11 22:46:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2007/05/20 17:30:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
[2006/11/03 17:31:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QubeSoft
[2004/03/08 15:49:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2008/06/01 14:45:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Verizon
[2009/02/10 19:33:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/01/01 12:36:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/10/22 01:56:17 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Jennifer\Application Data
[2004/09/15 22:39:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\ArcSoft
[2009/06/14 14:39:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\AVGTOOLBAR
[2009/09/18 19:40:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Costco Photo Viewer US
[2004/11/13 13:37:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Drag'n Drop CD+DVD
[2008/12/25 15:56:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\EPSON
[2009/04/01 20:44:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\ErrorFix
[2009/03/20 23:04:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\gtk-2.0
[2007/06/10 09:35:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\IMVU
[2009/03/20 23:31:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\InterVideo
[2006/07/16 09:49:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Leadertech
[2009/09/16 07:48:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Motive
[2008/04/28 10:23:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Move Networks
[2006/09/25 22:08:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\MSN6
[2006/09/25 22:08:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\MSNInstaller
[2008/03/20 22:49:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\pdf995
[2004/09/15 22:30:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Smart Panel
[2007/09/26 08:46:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\U3
[2006/09/23 21:13:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Verizon
[2007/01/25 12:32:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\WinAntiVirus Pro 2006
[2009/03/15 09:04:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Windows Search
[2009/04/01 22:26:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\yoclient
[2003/03/31 08:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2004/09/14 23:53:59 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 2.job
[2009/10/25 21:47:52 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/10/25 21:58:00 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{C71330FF-3D32-4CDC-877B-2A4D8C7B5123}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\rpcss.dll:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\dllcache\rpcss.dll:SummaryInformation
< End of report >

[Maengar]

Malwarebytes' Anti-Malware 1.41
Database version: 3033
Windows 5.1.2600 Service Pack 3

10/26/2009 6:19:02 AM
mbam-log-2009-10-26 (06-19-02).txt

Scan type: Quick Scan
Objects scanned: 113052
Time elapsed: 10 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 175
Registry Values Infected: 4
Registry Data Items Infected: 12
Folders Infected: 8
Files Infected: 388

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\funwebproducts.browseroverlaybarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlaybarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlayembed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlayembed.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sssinstaller.installer (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sssinstaller.installer.1 (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sssinstaller.sinstaller (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sssinstaller.sinstaller.1 (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0fbc3efb-fc98-4b32-bf10-bde9aa4dea5a} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{38a7c9da-8db7-4d0f-a7b1-c4b1a305bddb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6a4b7d17-1de9-4c14-8adf-eb4c07060519} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{85e06077-c824-43d0-a8dc-5efb17bc348a} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8d292ec0-6792-4a38-82ed-73a087e41ba6} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{abf441b2-9b57-4838-96a0-34b1cecd4aa5} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a84e835e-1b9c-4fc0-980f-4b2da3c6a2a7} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bf0a1ff4-bbaf-487f-bc85-a24ef8f443a8} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d778513b-1c40-4819-b0c5-49e40b39afd0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{74278296-0ec7-4f7a-ad55-eb7a2f35f311} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{621feacd-8857-43a6-ae26-451d670d5370} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{98635087-3f5d-418f-990c-b1efe0797a3b} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a84e835e-1b9c-4fc0-980f-4b2da3c6a2a7} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2178f3fb-2560-458f-bdee-631e2fe0dfe4} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b5141620-c2b2-4d95-9f0f-134d99c87ab0} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f5bdc469-1ec5-4193-824b-2e209993d183} (Trojan.Smitfraud) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a84e835e-1b9c-4fc0-980f-4b2da3c6a2a7} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{bf0a1ff4-bbaf-487f-bc85-a24ef8f443a8} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8109fd3d-d891-4f80-8339-50a4913ace6f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bhoSearchSpy.IESecPlugin (Trojan.Smitfraud) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-f3embed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\starware316 (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE SecPlugin_is1 (Trojan.Smitfraud) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0533e7cd-a55c-4424-a360-747408914597}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.149,85.255.112.60 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{99a8ca18-a234-45ff-8af3-3b2c9ac4d9c6}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.149,85.255.112.60 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{a86add88-dcb0-4a89-88de-e832db893b86}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.149,85.255.112.60 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{0533e7cd-a55c-4424-a360-747408914597}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.149,85.255.112.60 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{99a8ca18-a234-45ff-8af3-3b2c9ac4d9c6}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.149,85.255.112.60 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{a86add88-dcb0-4a89-88de-e832db893b86}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.149,85.255.112.60 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{0533e7cd-a55c-4424-a360-747408914597}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.149,85.255.112.60 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{99a8ca18-a234-45ff-8af3-3b2c9ac4d9c6}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.149,85.255.112.60 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{a86add88-dcb0-4a89-88de-e832db893b86}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.149,85.255.112.60 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{0533e7cd-a55c-4424-a360-747408914597}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.149,85.255.112.60 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{99a8ca18-a234-45ff-8af3-3b2c9ac4d9c6}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.149,85.255.112.60 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{a86add88-dcb0-4a89-88de-e832db893b86}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.149,85.255.112.60 -> Quarantined and deleted successfully.

Folders Infected:
C:\Documents and Settings\Jennifer\Application Data\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\Logs (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\Results (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\WinAntiVirus Pro 2006\Logs (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\Logs\2009-04-01 20-44-170.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\Logs\2009-04-01 21-35-190.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\filelist.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-0.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-1.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-10.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-100.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-101.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-102.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-103.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-104.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-105.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-106.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-107.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-108.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-109.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-11.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-110.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-111.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-112.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-113.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-114.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-115.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-116.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-117.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-118.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-119.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-12.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-120.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-121.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-122.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-123.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-124.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-125.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-126.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-127.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-128.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-129.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-13.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-130.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-131.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-132.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-133.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-134.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-135.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-136.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-137.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-138.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-139.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-14.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-140.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-141.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-142.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-143.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-144.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-145.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-146.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-147.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-148.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-149.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-15.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-150.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-151.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-152.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-153.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-154.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-155.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-156.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-157.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-158.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-159.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-16.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-160.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-161.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-162.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-163.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-164.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-165.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-166.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-167.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-168.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-169.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-17.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-170.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-171.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-172.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-173.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-174.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-175.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-176.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-177.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-178.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-179.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-18.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-180.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-181.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-182.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-183.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-184.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-185.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-186.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-187.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-188.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-189.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-19.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-190.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-191.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-192.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-193.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-194.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-195.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-196.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-197.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-198.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-199.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-2.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-20.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-200.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-201.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-202.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-203.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-204.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-205.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-206.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-207.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-208.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-209.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-21.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-210.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-211.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-212.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-213.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-214.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-215.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-216.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-217.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-218.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-219.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-22.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-220.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-221.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-222.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-223.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-224.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-225.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-226.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-227.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-228.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-229.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-23.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-230.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-231.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-232.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-233.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-234.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-235.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-236.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-237.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-238.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-239.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-24.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-240.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-241.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-242.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-243.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-244.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-245.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-246.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-247.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-248.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-249.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-25.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-250.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-251.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-252.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-253.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-254.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-255.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-256.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-257.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-258.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-259.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-26.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-260.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-261.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-262.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-263.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-264.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-265.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-266.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-267.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-268.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-269.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-27.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-270.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-271.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-272.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-273.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-274.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-275.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-276.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-277.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-278.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-279.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-28.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-280.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-281.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-282.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-283.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-284.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-285.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-286.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-287.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-288.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-289.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-29.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-290.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-291.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-292.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-293.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-294.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-295.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-296.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-297.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-298.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-299.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-3.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-30.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-300.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-301.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-302.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-303.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-304.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-305.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-306.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-307.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-308.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-309.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-31.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-310.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-311.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-312.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-313.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-314.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-315.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-316.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-317.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-318.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-319.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-32.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-320.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-321.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-322.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-323.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-324.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-325.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-326.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-327.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-328.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-329.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-33.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-330.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-331.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-332.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-333.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-334.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-335.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-336.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-337.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-338.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-339.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-34.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-35.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-36.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-37.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-38.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-39.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-4.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-40.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-41.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-42.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-43.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-44.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-45.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-46.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-47.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-48.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-49.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-5.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-50.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-51.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-52.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-53.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-54.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-55.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-56.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-57.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-58.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-59.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-6.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-60.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-61.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-62.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-63.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-64.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-65.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-66.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-67.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-68.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-69.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-7.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-70.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-71.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-72.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-73.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-74.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-75.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-76.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-77.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-78.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-79.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-8.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-80.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-81.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-82.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-83.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-84.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-85.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-86.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-87.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-88.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-89.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-9.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-90.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-91.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-92.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-93.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-94.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-95.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-96.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-97.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-98.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 20-58-380\regb-99.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\filelist.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-0.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-1.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-10.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-11.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-12.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-13.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-14.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-15.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-16.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-17.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-18.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-19.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-2.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-20.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-21.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-22.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-23.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-24.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-25.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-26.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-27.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-28.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-29.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-3.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-30.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-31.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-32.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-33.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-34.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-35.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-4.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-5.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-6.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-7.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-8.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\QuarantineW\2009-04-01 21-44-430\regb-9.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\Results\Evidence.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\Results\Junk.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\Results\Registry.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\ErrorFix\Results\Update.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\WinAntiVirus Pro 2006\Logs\update.log (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\WinAntiVirus Pro 2006\Logs\wa6Support.log (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer\Application Data\WinAntiVirus Pro 2006\Logs\winav.log (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
C:\WINDOWS\inf\ultra.PNF (Malware.Trace) -> Quarantined and deleted successfully.

[Maengar]

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Tuesday, October 27, 2009
Operating system: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Tuesday, October 27, 2009 00:33:06
Records in database: 3087334
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\

Scan statistics:
Objects scanned: 80041
Threats found: 6
Infected objects found: 7
Suspicious objects found: 0
Scan duration: 03:02:09


File name / Threat / Threats count
C:\Avenger\eventlog.dll Infected: Trojan.Win32.Sirefef.a 1
C:\data Infected: Trojan-Downloader.Win32.IstBar.ja 1
C:\Program Files\MSN Messenger\msimg32.dll Infected: not-a-virus:WebToolbar.Win32.MyWebSearch.au 1
C:\Program Files\MSN Messenger\riched20.dll Infected: not-a-virus:WebToolbar.Win32.MyWebSearch 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\6to4v32.dll.vir Infected: Backdoor.Win32.Agent.alsr 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\f3PSSavr.scr.vir Infected: not-a-virus:WebToolbar.Win32.MyWebSearch 1
C:\WINDOWS\system32\isc_cpl.cpl Infected: not-a-virus:FraudTool.Win32.SecurityCenter.e 1

Selected area has been scanned.

[Onaipian]

Hiya! How is everything running? Do you notice anything amiss?


Step One
Run OTL (Double click to run)

• Under the Custom Scans/Fixes box at the bottom, paste in the following:
  
  

  :Files
  C:\data
  C:\Program Files\MSN Messenger\msimg32.dll
  C:\Program Files\MSN Messenger\riched20.dll
  C:\WINDOWS\system32\isc_cpl.cpl
  
  :Commands
  [purity]
  [emptytemp]
  [Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, and accept to reboot when it's finished.
• During start-up, a log will open. Paste the contents of it back here.

  :::::::::::::::::::::::::::::::::::::::::::::::::::

Open OTL again.

• Click the Quick Scan button.
• Post the log it produces in your next reply.

Step Two
Please re-open Malwarebytes' Anti-Malware.

• Click the Update tab, and then click Check for Updates.
• After updating, click the Scanner tab.
• Select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.




Logs&Info
Remember to post back the following logs:

• OTL Fix Results (Start-up)
• OTL Quick Scan Results
• Most recent MalwareBytes' Results

[Maengar]

The computer seems to be working ok.
I haven't had any problems.
Here are the scan results.

OTL logfile created on: 10/29/2009 8:56:41 PM - Run 5
OTL by OldTimer - Version 3.0.21.0 Folder = g:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

479.53 Mb Total Physical Memory | 166.86 Mb Available Physical Memory | 34.80% Memory free
1.10 Gb Paging File | 0.83 Gb Available in Paging File | 75.53% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 13.97 Gb Total Space | 2.00 Gb Free Space | 14.33% Space Free | Partition Type: NTFS
Drive D: | 167.33 Gb Total Space | 67.73 Gb Free Space | 40.48% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 247.22 Mb Total Space | 181.86 Mb Free Space | 73.56% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: RICKERT-1
Current User Name: Jennifer
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/10/19 17:15:58 | 00,521,216 | ---- | M] (OldTimer Tools) -- g:\otl.exe
PRC - [2009/07/31 15:23:21 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/07/31 15:23:19 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/03/10 14:57:18 | 01,553,920 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Verizon\McciTrayApp.exe
PRC - [2009/02/20 13:52:23 | 00,303,104 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciCMService.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/04/11 13:13:04 | 00,151,552 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\Pelmiced.exe
PRC - [2007/01/04 17:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe
PRC - [2006/04/24 14:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006/01/20 14:48:06 | 00,142,416 | R--- | M] (Command Software Systems, Inc.) -- C:\Program Files\Common Files\Command Software\dvpapi.exe
PRC - [2004/07/14 15:36:54 | 00,057,344 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\System32\ICO.EXE
PRC - [2004/03/12 20:32:38 | 00,086,098 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
PRC - [2004/03/12 15:20:34 | 01,691,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
PRC - [2004/02/25 08:22:06 | 00,737,280 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
PRC - [2004/02/25 08:12:38 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
PRC - [2003/12/05 16:32:56 | 00,077,824 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\shwserv.exe
PRC - [2003/12/05 16:32:06 | 00,090,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\RM_SV.exe
PRC - [2003/10/30 15:48:10 | 01,286,144 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe
PRC - [2003/10/06 23:26:10 | 00,229,376 | ---- | M] (Sony Corporation) -- C:\Program Files\sony\usbsircs\usbsircs.exe
PRC - [2003/07/28 21:12:18 | 00,019,968 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\Logi_MwX.Exe
PRC - [2003/02/17 01:35:06 | 00,053,248 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
PRC - [2002/08/20 14:29:26 | 00,040,960 | ---- | M] (Easy Systems Japan Ltd.) -- C:\WINDOWS\System32\ezSP_Px.exe

========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (WSearch [Auto | Stopped])
SRV - File not found -- -- (SymWSC [Auto | Stopped])
SRV - File not found -- -- (OneCareMP [Disabled | Stopped])
SRV - File not found -- -- (msfwsvc [Disabled | Stopped])
SRV - [2009/07/31 15:23:19 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009/02/20 13:52:23 | 00,303,104 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciCMService.exe -- (McciCMService [Auto | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
SRV - [2007/01/04 17:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Running])
SRV - [2006/10/26 15:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Auto | Running])
SRV - [2006/04/24 14:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2006/01/20 14:48:06 | 00,142,416 | R--- | M] (Command Software Systems, Inc.) -- C:\Program Files\Common Files\Command Software\dvpapi.exe -- (dvpapi [Auto | Running])
SRV - [2005/05/04 00:04:28 | 09,150,464 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe -- (MSSQL$PINNACLESYS [Disabled | Stopped])
SRV - [2005/05/03 22:50:28 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [On_Demand | Stopped])
SRV - [2005/05/03 21:42:56 | 00,323,584 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE -- (SQLAgent$PINNACLESYS [Disabled | Stopped])
SRV - [2004/03/12 20:33:54 | 00,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe -- (VAIO Entertainment Aggregation and Control Service [On_Demand | Stopped])
SRV - [2004/03/12 20:32:38 | 00,086,098 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe -- (VAIO Entertainment File Import Service [Auto | Running])
SRV - [2004/03/12 20:11:34 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service [On_Demand | Stopped])
SRV - [2004/03/12 19:57:42 | 00,278,528 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -- (VAIO Entertainment UPnP Client Adapter [On_Demand | Stopped])
SRV - [2004/03/12 15:20:34 | 01,691,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer [Auto | Running])
SRV - [2004/03/05 16:35:34 | 00,184,320 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped])
SRV - [2004/02/25 08:22:06 | 00,737,280 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-VideoServer-UPnP [Auto | Running])
SRV - [2004/02/25 08:22:06 | 00,737,280 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP [Auto | Running])
SRV - [2004/02/25 08:12:38 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-VideoServer-HTTP [Auto | Running])
SRV - [2004/02/25 08:12:38 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP [Auto | Running])
SRV - [2003/12/09 09:38:14 | 00,065,625 | ---- | M] () -- C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe -- (PACSPTISVR [On_Demand | Stopped])
SRV - [2003/12/09 09:32:58 | 00,065,622 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe -- (SPTISRV [On_Demand | Stopped])
SRV - [2003/12/05 16:32:56 | 00,077,824 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\shwserv.exe -- (Giga Pocket Hardware Detector [Auto | Running])
SRV - [2003/12/05 16:32:06 | 00,090,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\RM_SV.exe -- (Sony TV Tuner Manager [On_Demand | Running])
SRV - [2003/10/30 15:48:10 | 01,286,144 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe -- (VAIOMediaPlatform-VideoServer-AppServer [Auto | Running])
SRV - [2003/09/25 16:38:56 | 00,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\halsv.exe -- (Sony TV Tuner Controller [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.verizon.net/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/05/30 17:55:31 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008/12/10 01:12:06 | 00,000,000 | ---D | M]


O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll File not found
O4 - HKLM..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe (Easy Systems Japan Ltd.)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\Logi_MwX.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ICO.EXE (Primax Electronics Ltd.)
O4 - HKLM..\Run: [Personal Security Center Monitor] C:\WINDOWS\System32\isc_ui.exe File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINDOWS\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100458 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident\4.0; FunWebProducts; Mozilla\4.0 ( File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Remocon Driver.lnk = C:\Program Files\sony\usbsircs\usbsircs.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VAIO Action Setup (Server).lnk = C:\Program Files\Sony\VAIO Action Setup\VAServ.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll File not found
O8 - Extra context menu item: Add to Windows &Live Favorites - File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Steph\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 63.219.181.7 ([]http in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (VaioInfo.CMClass)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...01/mcinsctl.cab (McAfee.com Operating System Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1163367750046 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} http://ak.imgag.com/...tall/AxCtp2.cab (Create & Print ActiveX Plug-in)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcaf...,26/mcgdmgr.cab (DwnldGroupMgr Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll File not found
O29 - HKLM SecurityProviders - (ntoskrnl.dll) - .DS_Store ()
O29 - HKLM SecurityProviders - (xlibgfl254.dll) - .DS_Store ()
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/05/20 17:10:50 | 00,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 14 Days ==========

[2009/10/25 22:23:16 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/26 20:35:26 | 00,000,000 | ---D | C] -- C:\javara
[2009/10/26 20:35:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jennifer\My Documents\New Folder (2)
[2009/10/25 22:23:19 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/25 22:23:16 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/10/25 22:22:26 | 04,045,528 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Jennifer\Desktop\mbam-setup.exe
[2009/10/22 01:54:12 | 00,889,840 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Jennifer\Desktop\avg_free_stb_all_8_37_cnet.exe
[2009/10/21 20:17:30 | 00,000,000 | ---D | C] -- C:\Avenger
[2009/10/18 10:33:45 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/10/18 10:31:02 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/10/18 10:31:02 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/10/18 10:31:02 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/10/18 10:31:02 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/10/18 10:30:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/10/18 10:29:09 | 00,000,000 | ---D | C] -- C:\Qoobox
[2007/03/25 21:06:02 | 00,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll

========== Files - Modified Within 14 Days ==========

[2009/10/29 20:58:00 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C71330FF-3D32-4CDC-877B-2A4D8C7B5123}.job
[2009/10/29 15:35:56 | 00,019,389 | ---- | M] () -- C:\Documents and Settings\Jennifer\My Documents\SLR 2009 - Applelicious Delivery Sheet.xlsx
[2009/10/29 15:34:53 | 00,002,275 | ---- | M] () -- C:\Documents and Settings\Jennifer\Desktop\Microsoft Office Excel 2007.lnk
[2009/10/29 15:05:11 | 00,002,313 | ---- | M] () -- C:\Documents and Settings\Jennifer\Desktop\Microsoft Office Word 2007.lnk
[2009/10/29 06:20:13 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/29 06:19:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/29 06:18:56 | 00,002,048 | ---- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/29 06:11:55 | 01,576,944 | -H-- | M] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\IconCache.db
[2009/10/28 06:52:21 | 00,014,144 | ---- | M] () -- C:\Documents and Settings\Jennifer\My Documents\SLR 2009 - Sarris Christmas.xlsx
[2009/10/26 19:44:12 | 00,015,742 | ---- | M] () -- C:\Documents and Settings\Jennifer\My Documents\SLR 2008 - Sarris.xlsx
[2009/10/26 09:37:56 | 00,017,492 | ---- | M] () -- C:\Documents and Settings\Jennifer\My Documents\SLR 2009 - Applelicious.xlsx
[2009/10/25 22:23:22 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/25 22:22:40 | 04,045,528 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Jennifer\Desktop\mbam-setup.exe
[2009/10/22 02:15:50 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/22 02:11:35 | 00,000,451 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/10/22 01:54:17 | 00,889,840 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Jennifer\Desktop\avg_free_stb_all_8_37_cnet.exe
[2009/10/22 01:16:13 | 00,000,682 | ---- | M] () -- C:\Documents and Settings\Jennifer\Desktop\oldreg.reg
[2009/10/22 01:09:02 | 00,071,544 | ---- | M] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/10/22 00:52:51 | 00,445,532 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/10/22 00:52:51 | 00,078,402 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/10/22 00:52:50 | 00,534,402 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/10/21 06:31:36 | 00,255,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/21 06:10:11 | 00,002,279 | ---- | M] () -- C:\Documents and Settings\Jennifer\Desktop\Microsoft Office PowerPoint 2007.lnk
[2009/10/20 18:34:00 | 00,056,832 | ---- | M] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/19 07:28:17 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/10/18 10:34:28 | 00,000,281 | -HS- | M] () -- C:\boot.ini

========== Files - No Company Name ==========
[2009/10/29 07:30:44 | 00,019,389 | ---- | C] () -- C:\Documents and Settings\Jennifer\My Documents\SLR 2009 - Applelicious Delivery Sheet.xlsx
[2009/10/25 22:23:22 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/22 10:06:14 | 00,014,144 | ---- | C] () -- C:\Documents and Settings\Jennifer\My Documents\SLR 2009 - Sarris Christmas.xlsx
[2009/10/22 01:16:13 | 00,000,682 | ---- | C] () -- C:\Documents and Settings\Jennifer\Desktop\oldreg.reg
[2009/10/18 10:34:28 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/10/18 10:34:25 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/10/18 10:31:02 | 00,236,544 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/10/18 10:31:02 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/10/18 10:31:02 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/10/18 10:31:02 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/09/20 19:11:53 | 00,000,253 | ---- | C] () -- C:\WINDOWS\Creator.INI
[2009/09/20 18:03:23 | 00,000,035 | ---- | C] () -- C:\WINDOWS\SIMTOWN.INI
[2009/06/30 19:34:04 | 01,576,944 | -H-- | C] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\IconCache.db
[2009/04/25 14:08:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PCFriend.INI
[2008/01/05 02:59:25 | 00,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2008/01/05 02:58:04 | 00,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2008/01/05 02:58:04 | 00,000,059 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2007/12/09 21:58:34 | 00,000,037 | ---- | C] () -- C:\WINDOWS\marscam.ini
[2007/06/08 06:59:31 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/05/20 18:36:10 | 00,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2007/05/20 17:10:50 | 00,000,347 | ---- | C] () -- C:\WINDOWS\VFO.INI
[2007/04/26 23:13:04 | 00,001,080 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/04/17 20:51:57 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2007/03/24 18:13:29 | 00,000,030 | ---- | C] () -- C:\WINDOWS\Caesar2.ini
[2007/02/12 14:33:26 | 00,056,832 | ---- | C] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/10/14 17:37:33 | 00,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/09/25 22:32:00 | 00,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2005/09/10 15:20:55 | 00,000,331 | ---- | C] () -- C:\WINDOWS\WinFrotz.INI
[2005/08/07 16:01:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2005/08/02 23:11:06 | 00,000,011 | ---- | C] () -- C:\WINDOWS\exchng.ini
[2005/07/23 12:34:19 | 00,000,020 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005/05/09 19:41:05 | 00,039,424 | RHS- | C] () -- C:\WINDOWS\System32\shdocpl.dll
[2005/04/18 17:04:59 | 00,071,544 | ---- | C] () -- C:\Documents and Settings\Jennifer\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2004/09/15 20:37:38 | 00,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2004/09/15 19:42:55 | 00,000,021 | ---- | C] () -- C:\WINDOWS\PI_setup.ini
[2004/09/15 19:40:38 | 00,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2004/09/15 19:40:38 | 00,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2004/09/15 19:36:47 | 00,000,196 | ---- | C] () -- C:\WINDOWS\EPSON RX500 Installer.ini
[2004/09/15 12:46:41 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Jennifer\Application Data\desktop.ini
[2004/05/20 18:08:07 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/05/20 18:08:07 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/05/20 18:08:07 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/05/20 18:08:07 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/05/20 18:08:07 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/05/20 18:08:07 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/05/20 18:03:05 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\Px.ini
[2004/05/20 18:02:07 | 00,000,737 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/03/09 18:53:25 | 00,000,903 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/03/09 18:50:59 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2004/03/09 18:46:27 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[2004/03/08 23:50:51 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/03/08 18:11:51 | 00,034,403 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2004/03/08 18:11:51 | 00,016,558 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2004/03/08 18:07:51 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\setuplib.dll
[2004/03/08 17:09:41 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/03/08 15:49:01 | 00,000,800 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/03/08 14:36:51 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\cbldrm.dll
[2004/03/08 14:36:50 | 00,000,730 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/03/08 14:36:37 | 00,000,839 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/03/08 14:36:35 | 00,000,451 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/03/08 07:40:35 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2003/08/12 12:58:40 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\lttls13n.dll
[2003/08/12 12:58:32 | 00,708,608 | ---- | C] () -- C:\WINDOWS\System32\ltcry13n.dll
[2003/08/12 12:58:22 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2003/08/12 12:58:20 | 00,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2002/06/12 16:21:12 | 00,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll
[2001/10/12 11:58:20 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\mr310exd.dll
[2001/10/12 11:57:18 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\mr310exv.dll
[2000/12/07 11:13:58 | 00,015,164 | ---- | C] () -- C:\WINDOWS\mr310twc.ini
[1998/10/11 01:07:38 | 00,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
[1997/07/11 00:00:00 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/07/11 00:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[1997/06/13 20:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2009/10/25 22:15:16 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2007/05/20 16:35:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2006/12/27 11:52:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fellowes
[2006/09/23 10:53:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freedom
[2009/09/16 07:57:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive
[2006/09/23 10:00:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2009/07/06 19:11:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2009/02/11 22:46:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2007/05/20 17:30:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
[2006/11/03 17:31:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QubeSoft
[2004/03/08 15:49:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2008/06/01 14:45:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Verizon
[2009/02/10 19:33:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/01/01 12:36:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/10/26 06:19:02 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Jennifer\Application Data
[2004/09/15 22:39:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\ArcSoft
[2009/09/18 19:40:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Costco Photo Viewer US
[2004/11/13 13:37:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Drag'n Drop CD+DVD
[2008/12/25 15:56:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\EPSON
[2009/03/20 23:04:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\gtk-2.0
[2007/06/10 09:35:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\IMVU
[2009/03/20 23:31:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\InterVideo
[2006/07/16 09:49:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Leadertech
[2009/09/16 07:48:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Motive
[2008/04/28 10:23:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Move Networks
[2006/09/25 22:08:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\MSN6
[2006/09/25 22:08:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\MSNInstaller
[2008/03/20 22:49:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\pdf995
[2004/09/15 22:30:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Smart Panel
[2007/09/26 08:46:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\U3
[2006/09/23 21:13:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Verizon
[2009/03/15 09:04:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\Windows Search
[2009/04/01 22:26:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer\Application Data\yoclient
[2003/03/31 08:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2004/09/14 23:53:59 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 2.job
[2009/10/29 06:19:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/10/29 20:58:00 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{C71330FF-3D32-4CDC-877B-2A4D8C7B5123}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\rpcss.dll:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\dllcache\rpcss.dll:SummaryInformation
< End of report >


Malwarebytes' Anti-Malware 1.41
Database version: 3033
Windows 5.1.2600 Service Pack 3

10/30/2009 2:37:13 PM
mbam-log-2009-10-30 (14-37-13).txt

Scan type: Quick Scan
Objects scanned: 113679
Time elapsed: 9 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[Onaipian]

One little fix, then we can finish-up.
Just want to make sure you aren't having any problems. The computer is for sure running well?


OTL Fix
Run OTL (Double click to run)

• Under the Custom Scans/Fixes box at the bottom, paste in the following:
  
  

  :OTL
  O29 - HKLM SecurityProviders - (xlibgfl254.dll) - .DS_Store ()
  
  :Commands
  [purity]
  [emptytemp]
  [Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, and accept to reboot when it's finished.
• During start-up, a log will open. Paste the contents of it back here.

[Maengar]

The computer is working fine. It is slow, but not as slow as it used to be. My hard drive is nearly full, so this could be the problem.


All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders:xlibgfl254.dll deleted successfully.
.DS_Store moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jennifer
->Temp folder emptied: 5518 bytes
File delete failed. C:\Documents and Settings\Jennifer\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 19152218 bytes
->Java cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: Owner

User: Steven

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
File delete failed. C:\WINDOWS\temp\JETAAD1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\JETCCB1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\JETE886.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\JETE980.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_678.dat scheduled to be deleted on reboot.
Windows Temp folder emptied: 17048 bytes
RecycleBin emptied: 216115285 bytes

Total Files Cleaned = 224.45 mb


OTL by OldTimer - Version 3.0.21.0 log created on 10302009_210428

Files\Folders moved on Reboot...
C:\WINDOWS\temp\JETAAD1.tmp moved successfully.
C:\WINDOWS\temp\JETCCB1.tmp moved successfully.
File\Folder C:\WINDOWS\temp\JETE886.tmp not found!
C:\WINDOWS\temp\JETE980.tmp moved successfully.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_678.dat not found!

Registry entries deleted on Reboot...

[Onaipian]

Greetings.

That could very well be the problem.. Time for some spring cleaning perhaps?
You currently have 2Gb of free space, out a total of 13.97Gb.

But on the bright side, your computer is clean of malware! We have a bit of cleaning to do still.. Removing tools, quarantined files, that kind of stuff.


ComboFix /Uninstall
The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run,
Copy/Paste the following bolded text into the Run box and click OK:

ComboFix /Uninstall





Tools Used
This is so that should you ever be re-infected, you will download updated versions. It will also remove the quarantined Malware from your computer.

• Download OTC to your desktop and run it
• Click Yes to beginning the Cleanup process and remove these components, including this application.
• You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Windows Updates
You should visit the Windows Update site about once a month. If you're feeling lazy you can turn on Automatic Updates which will do most of the work for you. (ask me how)

Go to update.microsoft.com using Internet Explorer. Click High Priority Updates and then check all of the updates and then click the Download botton. A windows should pop up giving the status of each update. Restart if asked to.




Prevention Tools

• Spywareblaster
  SpywareBlaster will prevent spyware from being installed.
  
• Spywareguard
  SpywareGuard offers realtime protection from spyware installation attempts.
  
• NoScript
  Add-on for Firefox that allows active content to run only from the sites you trust!
  
• ATF Cleaner
  Clean out temp files safely, and effectively. NOTE: This program is for Windows 2000, XP and Vista only!

======================================================

If you are wondering how you got infected in the first place please visit this cool page called:
How did I get infected in the first place?

Glad I could help, piano9playa5

[Maengar]

Thanks for your help
I was starting to think i neede to buy a new computer, but I think i can still get some mileage out of this one!
I apreciate all you have done to get it going again!!

[Onaipian]

Your welcome.

Thanks for your kind words.

[Essexboy]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.