firefox wont open. pc slow help =( [Closed]


#16
andrewuk

    Trusted Helper

  • Malware Removal
  • 5,297 posts
topic re-opened, user returned.

please continue with the instructions in my prior post.

andrewuk
  • 0


#17
jhaycee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
i did everything except for the kaspersky scan. i updated my java but it still wouldn't work.

VirSCAN.org Scanned Report :
Scanned time : 2010/01/10 10:39:50 (PST)
Scanner results: Scanners did not find malware!
File Name : iaStor.svs
File Size : 246784 byte
File Type : PE32 executable for MS Windows (native) Intel 80386 32-bit
MD5 : 019cf5f31c67030841233c545a0e217a
SHA1 : 57f164f409a35520f4cb43556d5330887879e984
Online report : http://virscan.org/r...17827e1a1a.html

VirSCAN.org Scanned Report :
Scanned time : 2010/01/18 12:01:24 (PST)
Scanner results: Scanners did not find malware!
File Name : svchost.exe
File Size : 22016 byte
File Type : PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5 : 10da15933d582d2fedcf705efe394b09
SHA1 : 00beb64af60255d5eb76b2edbd30b46de681da32
Online report : http://virscan.org/r...e663e05ca0.html

VirSCAN.org Scanned Report :
Scanned time : 2010/01/18 11:58:57 (PST)
Scanner results: Scanners did not find malware!
File Name : explorer.exe
File Size : 2923520 byte
File Type : PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5 : 37440d09deae0b672a04dccf7abf06be
SHA1 : 28cec32abf5a85e3ba4a83b2b300d129b79db160
Online report : http://virscan.org/r...e5f94b148b.html

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/18/2010 at 10:49 PM

Application Version : 4.33.1000

Core Rules Database Version : 4492
Trace Rules Database Version: 2307

Scan type : Complete Scan
Total Scan Time : 04:52:46

Memory items scanned : 833
Memory threats detected : 0
Registry items scanned : 7773
Registry threats detected : 0
File items scanned : 228763
File threats detected : 83

Adware.Tracking Cookie

Malware.Installer-Pkg/Gen
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{26D2C2C3-CF14-4ED7-B1FC-0BE64AFBA3B3}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{3C48F877-A164-45E9-B9DA-26A049FFC207}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{6293BC00-4EB8-4C65-8548-53E2FC3BF937}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{651956B7-1969-42AA-9453-E0B813019D54}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{6B6A7665-DB48-4762-AB5D-BEEB9E1CD7FA}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{989E4C3B-B2C9-4486-9A09-D5A8F953837C}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{C0A0AA4D-C79B-48CA-8843-2B02B626C9E6}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{C2D8F0E2-6978-4409-8351-BA8785DA11EE}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{D1A6F3FD-7B40-443F-8767-BADB25A0D222}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{E0814F95-5380-4892-B8C8-7FA4B349EF46}.EXE
  • 0

#18
andrewuk

    Trusted Helper

  • Malware Removal
  • 5,297 posts
try this one:

Please go HERE to run Panda's TotalScan
  • Select the bubble for Scan now
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • Then the scan will begin
  • When the scan completes, click the Save button on the right of Scan details
  • Save it to a convenient location. Post the contents of the TotalScan report
andrewuk
  • 0

#19
jhaycee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
it only works with internet explorer and firefox. my firefox is not working. it won't even open. and my internet explorer has not been working properly since i switched to vista.
i tried IE and went to the website but when i was asked to install activeX, there was no yellow bar that i can click to. so...
  • 0

#20
andrewuk

    Trusted Helper

  • Malware Removal
  • 5,297 posts
this is proving to be tricky. let's take stock of where we are:

could you delete the version of OTL you have on your desktop and download a new version . . . . it will have been updated since you last used it.

go to http://www.geekstogo...uide-t2852.html and go to Step Five: Post an OTL Log and run the OTL log, include the custom scan as explained on that page. you will most likely only get one log this time

The text from these files may exceed the maximum post length for this forum. Hence, you may need to post the information over 2 or more posts.

andrewuk
  • 0

#21
jhaycee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
OTL logfile created on: 1/21/2010 6:17:29 PM - Run 4
OTL by OldTimer - Version 3.1.25.4 Folder = C:\Users\Jc\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 39.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 58.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 228.13 Gb Total Space | 101.02 Gb Free Space | 44.28% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JHAYCEE
Current User Name: Jc
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/01/21 18:16:29 | 00,547,840 | ---- | M] (OldTimer Tools) -- C:\Users\Jc\Desktop\OTL.exe
PRC - [2010/01/11 15:21:52 | 00,246,504 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010/01/05 07:56:02 | 02,002,160 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/12/11 09:17:53 | 02,043,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/09/21 15:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/09/21 15:36:08 | 10,309,408 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe
PRC - [2009/09/21 15:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/09/18 01:14:26 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009/08/14 18:04:55 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/14 18:04:55 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/14 18:04:35 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/05/29 12:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/05/18 21:23:16 | 00,049,968 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aim6.exe
PRC - [2009/04/15 19:55:48 | 00,196,608 | ---- | M] () -- C:\Program Files\Belkin\F5D8055\v2\BelkinDetectUI.exe
PRC - [2009/04/14 02:33:00 | 00,207,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/06 09:33:00 | 00,041,264 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aolsoftware.exe
PRC - [2008/10/28 22:20:29 | 02,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/29 18:12:56 | 00,230,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\VistaSrv.exe
PRC - [2008/06/17 15:16:14 | 03,463,976 | ---- | M] (Apple Inc.) -- C:\Program Files\Safari\Safari.exe
PRC - [2008/04/26 16:14:22 | 00,099,752 | ---- | M] () -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\WBVista.exe
PRC - [2008/01/28 17:25:05 | 00,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe
PRC - [2008/01/28 11:43:40 | 02,097,488 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/01/28 11:43:32 | 00,810,320 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007/06/11 17:16:12 | 00,103,928 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
PRC - [2007/06/11 05:53:44 | 00,455,600 | ---- | M] () -- C:\Program Files\Lexmark 6500 Series\lxdfmon.exe
PRC - [2007/06/04 09:02:00 | 00,032,768 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\V0350Mon.exe
PRC - [2007/06/01 00:06:09 | 00,020,480 | ---- | M] () -- C:\Program Files\Lexmark 6500 Series\lxdfamon.exe
PRC - [2007/05/28 22:06:44 | 00,598,960 | ---- | M] ( ) -- C:\Windows\System32\lxdfcoms.exe
PRC - [2007/05/28 22:06:20 | 00,099,248 | ---- | M] (Lexmark International, Inc.) -- C:\Windows\System32\spool\drivers\w32x86\3\lxdfserv.exe
PRC - [2007/04/30 18:43:54 | 03,450,608 | ---- | M] (Stardock) -- C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
PRC - [2007/04/11 11:31:29 | 01,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/01/12 08:52:10 | 00,090,112 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe
PRC - [2007/01/12 08:51:28 | 00,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe
PRC - [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/12/28 16:24:45 | 01,119,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2006/12/28 16:19:38 | 00,069,632 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2006/11/27 09:14:52 | 00,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
PRC - [2006/11/09 10:19:14 | 00,204,800 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe
PRC - [2006/11/02 01:46:02 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2006/11/02 01:45:50 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2006/08/04 14:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
PRC - [2006/07/06 05:15:00 | 00,151,552 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2006/07/06 05:14:30 | 00,090,112 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2004/07/27 14:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004/04/14 12:04:22 | 00,135,168 | ---- | M] (Wireless) -- C:\Program Files\Motorola Wireless\WU830G USB Adapter\WLUSBCfg.exe
PRC - [2004/04/07 10:07:32 | 01,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2003/11/22 14:26:22 | 00,024,576 | ---- | M] () -- C:\Program Files\Motorola Wireless\WU830G USB Adapter\OdHost.exe
PRC - [1999/12/13 01:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\CTSVCCDA.EXE


========== Modules (SafeList) ==========

MOD - [2010/01/21 18:16:29 | 00,547,840 | ---- | M] (OldTimer Tools) -- C:\Users\Jc\Desktop\OTL.exe
MOD - [2009/08/14 18:06:14 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2006/11/02 01:46:13 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll
MOD - [2006/11/02 01:46:13 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc.dll
MOD - [2006/11/02 01:46:07 | 02,095,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
MOD - [2006/11/02 01:46:07 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll
MOD - [2006/11/02 01:38:57 | 01,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (RelevantKnowledge)
SRV - File not found [On_Demand | Stopped] -- -- (npggsvc)
SRV - [2009/09/21 15:36:02 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/21 01:11:19 | 01,028,432 | ---- | M] (Lavasoft) [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/09/18 01:14:26 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)
SRV - [2009/08/14 18:04:35 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/06/20 11:54:54 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/05/29 12:41:26 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/04/14 02:33:00 | 00,207,392 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/08/29 18:12:56 | 00,230,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\VistaSrv.exe -- (WindowBlinds)
SRV - [2008/01/28 17:25:05 | 00,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2008/01/28 11:43:32 | 00,810,320 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2007/05/28 22:06:44 | 00,598,960 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdfcoms.exe -- (lxdf_device)
SRV - [2007/05/28 22:06:20 | 00,099,248 | ---- | M] () [Auto | Running] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdfserv.exe -- (lxdfCATSCustConnectService)
SRV - [2007/04/11 11:31:29 | 00,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/01/12 08:52:10 | 00,090,112 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe -- (STacSV)
SRV - [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/12/28 16:26:55 | 00,086,528 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe -- (GoogleDesktopManager)
SRV - [2006/12/28 16:24:45 | 01,119,888 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2006/12/28 16:19:38 | 00,069,632 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2006/11/02 04:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/08/04 14:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2006/07/06 05:14:30 | 00,090,112 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2004/04/07 10:07:32 | 01,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [1999/12/13 01:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Windows\System32\CTSVCCDA.EXE -- (Creative Service for CDROM Access)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6061228
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6061228
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....e...-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.ijji.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect...fftrie7&query="
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-tyc"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-tyc"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.21.1.1
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.424
FF - prefs.js..extensions.enabledItems: avg@igeared:2.609.002.003
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.0
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: {F270F1AF-34D6-41CB-A9F5-8200EF7DB41F}:1.0
FF - prefs.js..extensions.enabledItems: {6E19037A-12E3-4295-8915-ED48BC341614}:1.3
FF - prefs.js..keyword.URL: "http://slirsredirect...0fftrab&query="


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/12/21 09:58:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2009/10/06 22:43:03 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/25 21:28:00 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/25 21:26:57 | 00,000,000 | ---D | M]

[2008/11/01 17:41:56 | 00,000,000 | ---D | M] -- C:\Users\Jc\AppData\Roaming\Mozilla\Extensions
[2009/11/24 17:08:32 | 00,000,000 | ---D | M] -- C:\Users\Jc\AppData\Roaming\Mozilla\Firefox\Profiles\9fdp7b7t.default\extensions
[2009/04/08 20:32:54 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Jc\AppData\Roaming\Mozilla\Firefox\Profiles\9fdp7b7t.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/08/11 20:31:36 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Jc\AppData\Roaming\Mozilla\Firefox\Profiles\9fdp7b7t.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2009/08/15 12:13:07 | 00,000,000 | ---D | M] (MediaBar) -- C:\Users\Jc\AppData\Roaming\Mozilla\Firefox\Profiles\9fdp7b7t.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2009/07/17 15:02:48 | 00,002,476 | ---- | M] () -- C:\Users\Jc\AppData\Roaming\Mozilla\Firefox\Profiles\9fdp7b7t.default\searchplugins\BearShareWebSearch.xml
[2009/06/15 09:14:53 | 00,002,042 | ---- | M] () -- C:\Users\Jc\AppData\Roaming\Mozilla\Firefox\Profiles\9fdp7b7t.default\searchplugins\facebook.xml
[2009/06/20 12:02:01 | 00,009,929 | ---- | M] () -- C:\Users\Jc\AppData\Roaming\Mozilla\Firefox\Profiles\9fdp7b7t.default\searchplugins\mywebsearch.xml
[2010/01/18 23:29:17 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/05/20 00:49:50 | 00,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2009/08/17 07:42:14 | 00,073,728 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
[2007/04/16 09:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2007/03/09 15:16:44 | 00,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll

O1 HOSTS File: ([2008/04/24 09:19:40 | 00,224,803 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 7889 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll ()
O2 - BHO: (Winamp Toolbar BHO) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Yahoo! IE Suggest) - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\Search\YSearchSuggest.dll (Yahoo! Inc.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [F5D8055v2] C:\Program Files\Belkin\F5D8055\v2\BelkinDetectUI.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Lexmark 6500 Series Fax Server] C:\Program Files\Lexmark 6500 Series\fm3032.exe ()
O4 - HKLM..\Run: [lxdfamon] C:\Program Files\Lexmark 6500 Series\lxdfamon.exe ()
O4 - HKLM..\Run: [lxdfmon.exe] C:\Program Files\Lexmark 6500 Series\lxdfmon.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe (TODO: <Company name>)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [V0350Mon.exe] C:\Windows\V0350Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Aim6] C:\Program Files\AIM6\aim6.exe (AOL LLC)
O4 - HKCU..\Run: [Creative MediaSource Go] C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKCU..\Run: [RunSpySweeperScheduleAtStartup] C:\Windows\System32\msfeedssync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &Winamp Toolbar Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &Yahoo! Search - C:\Program Files\Yahoo!\Common [2007/11/13 20:25:43 | 00,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Dictionary - C:\Program Files\Yahoo!\Common [2007/11/13 20:25:43 | 00,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Maps - C:\Program Files\Yahoo!\Common [2007/11/13 20:25:43 | 00,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &SMS - C:\Program Files\Yahoo!\Common [2007/11/13 20:25:43 | 00,000,000 | ---D | M]
O9 - Extra Button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 33 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 33 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (C:\Windows\System32\avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\WBSrv: DllName - C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll (Stardock Corporation)
O24 - Desktop WallPaper: C:\Users\Jc\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jc\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 00,000,024 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5666c12d-176f-11de-818b-0019d12857b9}\Shell - "" = AutoRun
O33 - MountPoints2\{5666c12d-176f-11de-818b-0019d12857b9}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O33 - MountPoints2\{84dd36af-bbd1-11dc-a5a2-0019d12857b9}\Shell - "" = AutoRun
O33 - MountPoints2\{84dd36af-bbd1-11dc-a5a2-0019d12857b9}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found
O33 - MountPoints2\{bda739dd-315e-11de-924c-0019d12857b9}\Shell\Auto\command - "" = I:\launcher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2006/11/02 03:18:47 | 00,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 14 Days ==========

[2010/01/21 18:16:17 | 00,547,840 | ---- | C] (OldTimer Tools) -- C:\Users\Jc\Desktop\OTL.exe
[2010/01/18 23:29:54 | 00,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/01/18 17:52:41 | 00,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/01/18 17:51:22 | 00,000,000 | ---D | C] -- C:\Users\Jc\AppData\Roaming\SUPERAntiSpyware.com
[2010/01/18 17:51:22 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/01/18 17:50:33 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/01/14 10:40:01 | 00,000,000 | ---D | C] -- C:\Users\Jc\Desktop\nursing
[2010/01/08 08:28:40 | 00,000,000 | ---D | C] -- C:\New Folder
[2008/01/06 20:55:34 | 00,434,176 | ---- | C] ( ) -- C:\Windows\System32\lxdfhcp.dll
[2008/01/06 20:55:32 | 00,356,352 | ---- | C] ( ) -- C:\Windows\System32\lxdfinpa.dll
[2008/01/06 20:55:32 | 00,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdfiesc.dll
[2008/01/06 20:55:31 | 00,950,272 | ---- | C] ( ) -- C:\Windows\System32\lxdfusb1.dll
[2008/01/06 20:55:30 | 01,200,128 | ---- | C] ( ) -- C:\Windows\System32\lxdfserv.dll
[2008/01/06 20:55:29 | 00,647,168 | ---- | C] ( ) -- C:\Windows\System32\lxdfpmui.dll
[2008/01/06 20:55:29 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdfprox.dll
[2008/01/06 20:55:28 | 00,565,248 | ---- | C] ( ) -- C:\Windows\System32\lxdflmpm.dll
[2008/01/06 20:55:23 | 00,663,552 | ---- | C] ( ) -- C:\Windows\System32\lxdfhbn3.dll
[2008/01/06 20:55:20 | 00,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdfcomm.dll
[2008/01/06 20:55:19 | 00,860,160 | ---- | C] ( ) -- C:\Windows\System32\lxdfcomc.dll
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/01/21 18:24:01 | 00,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/21 18:23:39 | 04,456,448 | -HS- | M] () -- C:\Users\Jc\ntuser.dat
[2010/01/21 18:16:29 | 00,547,840 | ---- | M] (OldTimer Tools) -- C:\Users\Jc\Desktop\OTL.exe
[2010/01/21 18:09:32 | 00,729,436 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/01/21 18:09:32 | 00,626,738 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/01/21 18:09:32 | 00,107,508 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/01/21 18:07:11 | 00,002,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/21 18:07:11 | 00,002,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/21 17:08:42 | 54,493,657 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/01/21 10:07:28 | 00,000,874 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/21 10:07:12 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/21 10:06:59 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/21 10:06:48 | 21,453,00480 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/21 04:18:46 | 00,000,412 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{25F3AA23-CA60-42CD-ABF1-2A7D80D35BBD}.job
[2010/01/21 02:10:19 | 00,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010/01/19 23:06:04 | 00,140,288 | ---- | M] () -- C:\Users\Jc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/19 18:49:51 | 00,142,495 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2010/01/19 14:39:03 | 03,095,352 | -H-- | M] () -- C:\Users\Jc\AppData\Local\IconCache.db
[2010/01/18 17:51:25 | 00,000,902 | ---- | M] () -- C:\Users\Jc\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/01/15 10:54:29 | 00,004,084 | ---- | M] () -- C:\Users\Jc\AppData\Roaming\wklnhst.dat
[2010/01/13 03:24:02 | 00,374,512 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/01/10 11:35:25 | 00,004,232 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys
[2010/01/10 11:21:06 | 00,000,088 | RHS- | M] () -- C:\Windows\System32\9D41464E1D.sys
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/18 17:51:25 | 00,000,902 | ---- | C] () -- C:\Users\Jc\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/01/04 11:57:34 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/01/04 11:57:33 | 00,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/01/04 11:57:33 | 00,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/01/04 11:57:32 | 00,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/01/04 11:57:32 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2010/01/04 02:44:19 | 00,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/08/10 18:07:21 | 00,005,116 | ---- | C] () -- C:\Windows\System32\ucuiinfo.ini
[2008/12/07 22:18:40 | 00,000,000 | ---- | C] () -- C:\Windows\WB.ini
[2008/12/07 22:11:13 | 00,058,792 | ---- | C] () -- C:\Windows\System32\wbload.dll
[2008/04/25 16:35:13 | 00,000,104 | ---- | C] () -- C:\ProgramData\lxdf
[2008/04/24 08:29:23 | 00,001,356 | ---- | C] () -- C:\Users\Jc\AppData\Local\d3d9caps.dat
[2008/01/28 17:25:32 | 00,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008/01/06 21:04:22 | 00,348,160 | ---- | C] () -- C:\Windows\System32\lxdfcoin.dll
[2008/01/06 20:59:26 | 00,045,056 | ---- | C] () -- C:\Windows\System32\LXDFPMON.DLL
[2008/01/06 20:59:26 | 00,032,768 | ---- | C] () -- C:\Windows\System32\LXDFFXPU.DLL
[2008/01/06 20:59:06 | 00,069,632 | ---- | C] () -- C:\Windows\System32\lxdfoem.dll
[2008/01/06 20:55:57 | 00,000,060 | ---- | C] () -- C:\Windows\System32\lxdfrwrd.ini
[2008/01/06 20:55:35 | 00,348,160 | ---- | C] () -- C:\Windows\System32\lxdfinst.dll
[2008/01/06 20:55:22 | 00,208,896 | ---- | C] () -- C:\Windows\System32\lxdfgrd.dll
[2007/09/22 01:33:53 | 00,018,008 | ---- | C] () -- C:\Users\Jc\AppData\Roaming\UserTile.png
[2007/05/24 08:24:25 | 00,692,224 | ---- | C] () -- C:\Windows\System32\lxdfdrs.dll
[2007/05/22 02:09:48 | 00,065,536 | ---- | C] () -- C:\Windows\System32\lxdfcaps.dll
[2007/04/17 02:17:05 | 00,069,632 | ---- | C] () -- C:\Windows\System32\lxdfcnv4.dll
[2007/03/10 18:35:24 | 00,140,288 | ---- | C] () -- C:\Users\Jc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/03/10 17:32:10 | 00,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini
[2007/03/10 17:32:09 | 00,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2007/03/10 17:32:09 | 00,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2007/01/31 00:53:30 | 00,004,232 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2007/01/31 00:53:30 | 00,000,088 | RHS- | C] () -- C:\Windows\System32\9D41464E1D.sys
[2007/01/17 13:07:04 | 00,000,047 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007/01/08 18:45:32 | 00,000,029 | ---- | C] () -- C:\Windows\atid.ini
[2007/01/04 15:55:24 | 00,000,070 | ---- | C] () -- C:\Windows\sbwin.ini
[2007/01/03 23:57:27 | 00,004,084 | ---- | C] () -- C:\Users\Jc\AppData\Roaming\wklnhst.dat
[2007/01/03 23:27:52 | 00,006,656 | ---- | C] () -- C:\Users\Jc\AppData\Roaming\dvd.bmk
[2007/01/03 22:51:00 | 00,000,456 | ---- | C] () -- C:\Windows\CTWave32.INI
[2007/01/03 22:50:56 | 00,000,029 | ---- | C] () -- C:\Windows\sfbm.INI
[2006/12/28 16:36:30 | 00,000,061 | ---- | C] () -- C:\Windows\smscfg.ini
[2006/12/28 16:30:08 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2006/12/28 16:26:36 | 00,000,192 | ---- | C] () -- C:\Windows\wininit.ini
[2006/12/28 16:20:35 | 00,022,629 | ---- | C] () -- C:\Windows\System32\CiFilter.ini
[2006/12/28 16:19:39 | 00,000,040 | ---- | C] () -- C:\Windows\System32\mes2046.dll
[2006/12/28 15:54:02 | 00,000,392 | ---- | C] () -- C:\Windows\System32\OEMINFO.INI
[2006/11/02 04:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/01 23:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/07/31 17:53:18 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxdfvs.dll
[2005/01/31 07:37:58 | 00,009,255 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2003/01/07 13:05:08 | 00,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

========== LOP Check ==========

[2008/01/06 21:10:07 | 00,000,000 | ---D | M] -- C:\Users\Jc\AppData\Roaming\6500 Series
[2008/04/24 09:03:58 | 00,000,000 | ---D | M] -- C:\Users\Jc\AppData\Roaming\acccore
[2009/11/23 23:11:36 | 00,000,000 | ---D | M] -- C:\Users\Jc\AppData\Roaming\Any Video Converter
[2009/02/18 11:47:35 | 00,000,000 | ---D | M] -- C:\Users\Jc\AppData\Roaming\Gmote
[2009/02/22 11:28:46 | 00,000,000 | ---D | M] -- C:\Users\Jc\AppData\Roaming\gtk-2.0
[2009/11/16 23:48:19 | 00,000,000 | -H-D | M] -- C:\Users\Jc\AppData\Roaming\ijjigame
[2009/02/18 00:12:22 | 00,000,000 | ---D | M] -- C:\Users\Jc\AppData\Roaming\Inkscape
[2007/03/10 16:54:42 | 00,000,000 | ---D | M] -- C:\Users\Jc\AppData\Roaming\Leadertech
[2009/11/24 00:45:47 | 00,000,000 | ---D | M] -- C:\Users\Jc\AppData\Roaming\Leawo
[2008/01/07 01:31:36 | 00,000,000 | ---D | M] -- C:\Users\Jc\AppData\Roaming\Lexmark Productivity Studio
[2007/10/04 22:51:47 | 00,000,000 | ---D | M] -- C:\Users\Jc\AppData\Roaming\LimeWire
[2009/08/15 11:37:41 | 00,000,000 | ---D | M] -- C:\Users\Jc\AppData\Roaming\MusicNet
[2007/09/22 01:33:53 | 00,000,000 | ---D | M] -- C:\Users\Jc\AppData\Roaming\PeerNetworking
[2007/03/10 16:54:45 | 00,000,000 | ---D | M] -- C:\Users\Jc\AppData\Roaming\Template
[2009/10/01 16:57:16 | 00,000,000 | ---D | M] -- C:\Users\Jc\AppData\Roaming\Unity
[2007/03/10 16:54:45 | 00,000,000 | ---D | M] -- C:\Users\Jc\AppData\Roaming\Viewpoint
[2010/01/21 02:10:19 | 00,000,472 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2006/11/02 05:09:53 | 00,000,484 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/01/21 04:18:46 | 00,000,412 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{25F3AA23-CA60-42CD-ABF1-2A7D80D35BBD}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/08/10 03:00:00 | 16,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2008/01/18 23:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\b1d48c0a5500e900499764daaa6a0385\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2004/08/03 21:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2006/11/02 01:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 01:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2004/08/10 03:00:00 | 16,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2008/01/18 23:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\b1d48c0a5500e900499764daaa6a0385\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 01:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2007/01/05 12:20:58 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=5653737BAD8C6C10136451C195C19881 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys
[2007/01/05 12:20:58 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\drivers\atapi.sys
[2007/01/05 12:20:58 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_82339ef2\atapi.sys
[2007/01/05 12:20:58 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16391_none_daf194c024ab5b06\atapi.sys
< End of report >

#22
andrewuk

ok let's try combofix one more time before we go down another route:

delete the version you have on your desktop and then visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

andrewuk

Edited by andrewuk, 22 January 2010 - 03:08 PM.


#23
jhaycee

i was able to run combofix this time. i had trouble running it before. it says on the screen... preparing log report. but no notepad opened after. i couldn't find it in the desktop either.

#24
andrewuk

firstly, (you may have looked here anyway) check to see if the log is at C:\ComboFix.txt - that is not on the desktop so you will need to navigate there via START >>> Explore

if it is there, then copy and paste the log here in reply (don't re-run combofix) and await my instructions.



if it is not there then delete the version of combofix you have on your desktop and then please visit this webpage for download links, and instructions for running the tool. it has been updated:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.


also:

We will run OTL, but go for a shortened log.
  • Close all windows and open it by double clicking on the icon
  • we are targeting a selective output, hence:
    • on the left hand side, in the box titled "Processes" select none
    • on the left hand side, in the box titled "Drivers" select none
    • on the left hand side, in the box titled "Extra Registry" select none
    • on the right hand side, in the box titled "Files created within" select none
    • on the right hand side, in the box titled "Files modified within" select none
    • >>>> so, you should only have "Services", "Standard Registry" and "Modules" selected for Use Safelist
    • tick both the boxes marked Purity check and Lop check
  • Click Run Scan and let the program run uninterrupted
  • It will produce one log for you called OTL.txt. Please post that log here in reply.
  • You may need to use two posts to get it all on the forum
andrewuk

Edited by andrewuk, 26 January 2010 - 09:28 AM.


#25
jhaycee

please don't close the thread. i'm having a hard time running combofix. i need more time please.

#26
andrewuk

what are the problems with combofix? and have you tried safe mode?

#27
jhaycee

thank you for waiting. combofix wouldn't work on my computer. i've tried it a lot of times.
it'll stop by "attempting to create a restore point"... and then it'll just stop there..

#28
andrewuk

we will go down another route:

could you delete the version of OTL you have on your desktop and download a new version . . . . it will have been updated since you last used it.

go to http://www.geekstogo...uide-t2852.html and go to Step Five: Post an OTL Log and run the OTL log, include the custom scan as explained on that page. you will most likely only get one log this time

The text from these files may exceed the maximum post length for this forum. Hence, you may need to post the information over 2 or more posts.

andrewuk

#29
andrewuk

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.