Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

3 PC's on 'Wired' Network

Started by moondog830 , Apr 16 2011 03:35 PM

  • This topic is locked This topic is locked

#16
moondog830
Posted 23 April 2011 - 07:41 PM

moondog830

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 804 posts
This is where we will have problems I think ... I was able to download and install Malwarebytes on my main computer and transfer it with a flashdrive to my problem computer. However, that other computer can not get online to download the latest update. I KNOW that it is not the cable as I can hook my laptop up on the same cable and have no problems. I also can not run an online scan as you said to.

Here is my Malwarebytes report


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5363

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

4/23/2011 9:33:29 PM
mbam-log-2011-04-23 (21-33-29).txt

Scan type: Quick scan
Objects scanned: 190502
Time elapsed: 4 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

Advertisements

#17
Salagubang
Posted 23 April 2011 - 08:22 PM

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,891 posts
Replace ESET online scan with this one. Download from a clean computer then transfer it to the ailing machine.

Download Dr.Web CureIt to the desktop.
  • Doubleclick the drweb-cureit.exe file, then on Start and allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, chose the Complete Scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow Posted Image at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, look and see if you can click the following icon next to the files found:
    Posted Image
  • If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:
    Posted Image
  • This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
  • After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.
  • Reboot your computer to allow files that were in use to be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web you saved previously in your next reply along with a new OTL log.
NOTE: During the scan, a pop-up window will open asking for full version purchase. Simply close the window by clicking on X in upper right corner.
  • 0

#18
moondog830
Posted 27 April 2011 - 10:51 AM

moondog830

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 804 posts
Dr.Web


OTL.exe;C:\Documents and Settings\Owner\Desktop;Trojan.Siggen2.25631;Incurable.Moved.;
A1342105.exe;C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP2368;Trojan.Siggen2.25631;Incurable.Moved.;
CouponPrinter.ocx;C:\WINDOWS;Adware.Coupons.34;Incurable.Moved.;


OTL Log


OTL logfile created on: 4/25/2011 7:23:58 PM - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 653.00 Mb Available Physical Memory | 64.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 227.34 Gb Total Space | 86.49 Gb Free Space | 38.05% Space Free | Partition Type: NTFS
Drive D: | 5.53 Gb Total Space | 1.65 Gb Free Space | 29.80% Space Free | Partition Type: FAT32
Drive L: | 7.47 Gb Total Space | 4.09 Gb Free Space | 54.70% Space Free | Partition Type: FAT32

Computer Name: MOONDOGS | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/14 21:50:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2009/12/28 11:34:57 | 000,122,880 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
PRC - [2008/05/02 13:28:55 | 000,369,272 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe
PRC - [2008/04/23 03:08:13 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/07 09:53:54 | 000,002,560 | ---- | M] () -- C:\WINDOWS\Runservice.exe
PRC - [2007/08/01 14:29:52 | 003,822,624 | ---- | M] (Paessler GmbH) -- C:\Program Files\PRTG Traffic Grapher\PRTG Traffic Grapher.exe
PRC - [2007/05/05 21:58:57 | 000,126,976 | ---- | M] () -- C:\WINDOWS\system32\UAService7.exe
PRC - [2007/03/22 19:04:18 | 000,009,728 | ---- | M] (SDSD) -- C:\Program Files\Kodak\Printer\Center\KodakSvc.exe
PRC - [2006/07/26 12:03:30 | 000,443,904 | ---- | M] () -- C:\Program Files\PRTG Traffic Grapher\watchdog\prtgwatchdog.exe
PRC - [2006/03/03 21:03:10 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2005/02/02 18:10:46 | 000,065,536 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS


========== Modules (SafeList) ==========

MOD - [2011/04/14 21:50:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2008/05/02 13:28:55 | 000,369,272 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\a-squared Free\a2service.exe -- (a2free)
SRV - [2007/10/07 09:53:54 | 000,002,560 | ---- | M] () [Auto | Running] -- C:\WINDOWS\Runservice.exe -- (LicCtrlService)
SRV - [2007/08/01 14:29:52 | 003,822,624 | ---- | M] (Paessler GmbH) [Auto | Running] -- C:\Program Files\PRTG Traffic Grapher\PRTG Traffic Grapher.exe -- (PRTGService)
SRV - [2007/05/05 21:58:57 | 000,126,976 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7) SecuROM User Access Service (V7)
SRV - [2007/03/22 19:04:18 | 000,009,728 | ---- | M] (SDSD) [Auto | Running] -- C:\Program Files\Kodak\printer\center\KodakSvc.exe -- (KodakSvc)
SRV - [2006/07/26 12:03:30 | 000,443,904 | ---- | M] () [Auto | Running] -- C:\Program Files\PRTG Traffic Grapher\watchdog\prtgwatchdog.exe -- (prtgwatchservice)
SRV - [2006/03/03 21:03:10 | 000,069,632 | ---- | M] (HP) [Unknown | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2005/08/02 17:18:49 | 000,086,016 | ---- | M] (CACE Technologies) [Disabled | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2005/02/02 18:10:46 | 000,065,536 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)


========== Driver Services (SafeList) ==========

DRV - [2009/08/05 23:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/04/18 09:50:16 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2008/06/14 22:11:09 | 000,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/12/05 01:26:40 | 002,782,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/03/01 19:54:22 | 000,021,056 | ---- | M] (Webroot Software Inc (www.webroot.com)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sskbfd.sys -- (SSKBFD)
DRV - [2006/10/18 04:00:00 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/10/18 04:00:00 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006/09/22 14:06:10 | 000,092,160 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2006/06/28 10:41:56 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2006/06/28 10:38:10 | 000,642,560 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2006/03/26 08:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006/03/24 12:27:01 | 000,050,176 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006/03/13 05:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2006/02/16 16:51:08 | 000,004,096 | R--- | M] (SuperAdBlocker, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2005/08/10 10:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005/08/02 17:10:13 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2005/01/07 17:07:16 | 000,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2005/01/05 17:43:06 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
DRV - [2004/09/03 13:23:10 | 000,115,680 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/09/03 13:19:07 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004/08/26 13:12:34 | 002,241,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2004/08/04 15:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 15:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/06/17 18:56:22 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/06/17 18:55:38 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/06/17 18:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/06/04 04:27:46 | 000,840,960 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2004/04/01 17:30:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2004/03/22 15:27:20 | 000,042,936 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt39.sys -- (SunkFilt39)
DRV - [2004/03/22 15:01:38 | 000,040,564 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2003/12/30 08:38:52 | 000,028,080 | ---- | M] (Ahead Software AG) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\incdrm.sys -- (incdrm)
DRV - [2003/12/01 11:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/09/21 20:48:06 | 000,130,192 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/09/21 20:47:38 | 000,178,672 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2001/09/26 12:20:38 | 000,047,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AP_USB.SYS -- (HNLXU) Intel® AnyPoint™
DRV - [2001/08/23 15:00:00 | 000,022,400 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SbcpHid.sys -- (SbcpHid)
DRV - [2001/08/17 16:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)
DRV - [2001/08/17 13:12:40 | 000,019,017 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8029.sys -- (rtl8029) Realtek RTL8029(AS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.gatewaybiz.com
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.gatewaybiz.com
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2025213858-2358470224-48696532-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2025213858-2358470224-48696532-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-2025213858-2358470224-48696532-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-2025213858-2358470224-48696532-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.moondographics.com/
IE - HKU\S-1-5-21-2025213858-2358470224-48696532-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2025213858-2358470224-48696532-1003\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2025213858-2358470224-48696532-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2025213858-2358470224-48696532-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = systemcontrolcenter.com;192.168.0.1;<local>
IE - HKU\S-1-5-21-2025213858-2358470224-48696532-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=192.168.0.1:87

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Template Shares Torrent Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.moondogra...om/kadence.htm"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3290
FF - prefs.js..network.proxy.http: "192.168.0.1"
FF - prefs.js..network.proxy.http_port: 87
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.type: 1

FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/01/05 21:36:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\

[2008/09/15 21:19:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2009/09/05 20:11:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\extensions
[2006/12/04 23:11:32 | 000,000,000 | ---D | M] ("Woopig.net") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\extensions\{0146b1d0-71d3-11db-9fe1-0800200c9a66}
[2007/10/19 07:31:08 | 000,000,000 | ---D | M] ("Mostly Crystal") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\extensions\{0cdfdd5e-eea6-45ff-b035-81243cf02efb}
[2009/09/05 20:10:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2007/07/08 22:15:51 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/03/03 20:41:51 | 000,000,000 | ---D | M] (Walnut for Firefox) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}
[2007/10/22 19:38:35 | 000,000,000 | ---D | M] (OldFactory Black) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\extensions\{69D30031-F4A8-452a-A5B3-5D6787C3C5CF}
[2007/11/03 12:32:49 | 000,000,000 | ---D | M] (Accessibar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\extensions\{81487e5d-d4e7-441b-b702-ab29eb3af951}
[2007/12/23 10:37:43 | 000,000,000 | ---D | M] (Aluminium Kai 2) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\extensions\{a45e6b3a-725d-4b20-afde-e7486bfe317c}
[2006/06/15 19:27:17 | 000,000,000 | ---D | M] ("Firefox Vista") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\extensions\{C1CCF2A6-D735-4817-866A-993A66CF9A3D}
[2007/10/19 07:31:10 | 000,000,000 | ---D | M] ("Web Developer") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2007/10/19 07:31:10 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2007/10/19 07:31:08 | 000,000,000 | ---D | M] ("Red Cats (green flavor)") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\extensions\{dd30bf68-268a-4815-ad48-8740b774c764}
[2007/10/19 07:31:00 | 000,000,000 | ---D | M] ("Google Browser Sync") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\extensions\[email protected]
[2007/10/19 07:31:03 | 000,000,000 | ---D | M] ("ErrorZilla Mod") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\extensions\ErrorZillaMod@jaybaldwin
[2007/10/19 07:31:06 | 000,000,000 | ---D | M] ("Firebug") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\extensions\[email protected]
[2009/09/05 20:10:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\extensions\staged-xpis
[2008/06/27 10:57:22 | 000,001,712 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\searchplugins\ask.xml
[2008/02/14 08:01:48 | 000,002,904 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\searchplugins\template-shares-torrent-search.xml
[2008/06/27 10:57:22 | 000,001,108 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vk675i5h.default\searchplugins\wikipedia.xml
[2010/09/28 21:57:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2006/10/02 15:21:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\azerty_iii-3.1.1-fx\mozapps\extensions
[2006/12/04 22:49:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\mostly_crystal_for_firefox_-2.0.0.9-fx\browser\extensions
[2006/12/04 22:49:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\mostly_crystal_for_firefox_-2.0.0.9-fx\browser\extensions\icons
[2006/12/04 22:49:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\mostly_crystal_for_firefox_-2.0.0.9-fx\mozapps\extensions
[2006/11/14 15:05:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\noia_2.0_extreme_-3.34-fx\mozapps\extensions
File not found (No name found) -- C:\PROGRAM FILES\AVG\AVG8\FIREFOX
[2004/07/02 15:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\Mozilla Firefox\components\np32asw.dll
[2004/07/02 15:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32asw.dll

O1 HOSTS File: ([2011/04/23 19:25:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-2025213858-2358470224-48696532-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2025213858-2358470224-48696532-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKU\.DEFAULT..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\S-1-5-18..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\S-1-5-21-2025213858-2358470224-48696532-1003..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Bandwidth Meter.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2025213858-2358470224-48696532-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2025213858-2358470224-48696532-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2025213858-2358470224-48696532-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2025213858-2358470224-48696532-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-2025213858-2358470224-48696532-1003\..Trusted Domains: //@signup.mar@ ([]money in My Computer)
O15 - HKU\S-1-5-21-2025213858-2358470224-48696532-1003\..Trusted Domains: //@surf.mar@ ([]money in Local intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=48835 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane...DC_1_0_0_44.cab (FilePlanet Download Control Class)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ontent/opuc.cab (Office Update Installation Engine)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} http://ipgweb.cce.hp...ads/sysinfo.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1144844827656 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn...pDownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_01)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {F2D35D99-63B1-46D3-970C-6E22320D5DCB} http://www.ksolo.com/getPlugin.do (kSoloCntrlIE Class)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WB: DllName - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll - C:\Program Files\Stardock\Object Desktop\WindowBlinds\fastload.dll (Stardock)
O24 - Desktop WallPaper: C:\WINDOWS\FeatherTexture.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\FeatherTexture.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/26 14:04:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/25 19:23:22 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/04/25 19:12:17 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/04/23 23:17:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\DoctorWeb
[2011/04/23 21:06:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Temp
[2011/04/23 20:24:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2011/04/23 20:24:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/04/23 20:24:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/23 20:24:01 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/04/23 19:37:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/04/23 18:55:09 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/04/22 11:57:03 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/04/22 11:57:03 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/04/22 11:57:03 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/04/22 11:57:03 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/04/22 11:56:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/04/22 11:56:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/04/22 10:40:42 | 006,343,736 | ---- | C] (OPSWAT, Inc.) -- C:\Documents and Settings\Owner\Desktop\AppRemover.exe
[2011/04/14 18:53:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ashampoo
[2011/04/14 18:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ashampoo
[2011/04/14 18:52:44 | 000,039,776 | ---- | C] (mst software GmbH, Germany) -- C:\WINDOWS\System32\DfSdkBt64.exe
[2011/04/14 18:52:44 | 000,033,632 | ---- | C] (mst software GmbH, Germany) -- C:\WINDOWS\System32\DfSdkBt32.exe
[2011/04/14 18:52:41 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2011/04/14 18:48:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/04/01 10:14:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Coupons
[2011/04/01 10:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\Coupons
[2006/10/08 10:05:55 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Owner\Application Data\pcouffin.sys
[2005/07/21 12:37:56 | 000,065,536 | R--- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[1 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/25 19:23:01 | 002,835,152 | ---- | M] () -- C:\logfile
[2011/04/25 19:13:43 | 039,106,560 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2011/04/25 19:13:43 | 017,122,304 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2011/04/25 19:11:56 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2011/04/25 19:11:39 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/25 19:11:37 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/25 19:06:31 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/25 17:40:59 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/04/25 17:40:49 | 000,001,217 | -HS- | M] () -- C:\WINDOWS\System32\mmf.sys
[2011/04/25 17:40:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/25 17:35:52 | 000,000,290 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\DrWeb.csv
[2011/04/23 22:49:32 | 060,528,576 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\drweb-cureit.exe
[2011/04/23 20:24:04 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/23 19:25:41 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/04/23 18:55:15 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/04/22 14:59:46 | 001,022,006 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\error.bmp
[2011/04/22 09:06:44 | 004,326,658 | R--- | M] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2011/04/21 09:02:43 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Google Chrome.lnk
[2011/04/21 09:02:43 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/04/21 08:57:56 | 006,343,736 | ---- | M] (OPSWAT, Inc.) -- C:\Documents and Settings\Owner\Desktop\AppRemover.exe
[2011/04/20 23:09:00 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk
[2011/04/20 22:05:06 | 000,293,019 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2011/04/14 21:50:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/04/14 18:52:46 | 000,001,848 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Drag & Drop Deinstallation.lnk
[2011/04/14 18:52:46 | 000,000,904 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ashampoo UnInstaller 4.lnk
[2011/04/14 18:48:03 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/04/11 21:53:30 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

========== Files Created - No Company Name ==========

[2011/04/25 17:34:49 | 000,000,290 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\DrWeb.csv
[2011/04/23 23:16:42 | 060,528,576 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\drweb-cureit.exe
[2011/04/23 20:24:04 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/23 18:55:15 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/04/23 18:55:12 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/04/22 14:59:46 | 001,022,006 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\error.bmp
[2011/04/22 11:57:03 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/04/22 11:57:03 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/04/22 11:57:03 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/04/22 11:57:03 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/04/22 11:57:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/04/22 10:40:42 | 004,326,658 | R--- | C] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2011/04/21 09:02:43 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Google Chrome.lnk
[2011/04/21 09:02:43 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/04/20 22:07:35 | 000,293,019 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2011/04/14 18:52:46 | 000,001,848 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Drag & Drop Deinstallation.lnk
[2011/04/14 18:52:46 | 000,000,904 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ashampoo UnInstaller 4.lnk
[2011/04/14 18:48:03 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2009/07/10 19:33:45 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/02/10 23:48:23 | 000,000,343 | ---- | C] () -- C:\WINDOWS\DcmLtBox.ini
[2008/02/06 15:06:23 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\EKDeviceServices.dll
[2008/01/10 23:07:30 | 000,001,369 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2008/01/10 14:26:50 | 000,000,883 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2007/12/08 19:28:11 | 000,000,208 | ---- | C] () -- C:\WINDOWS\EFICOLOR.INI
[2007/12/08 19:28:11 | 000,000,200 | ---- | C] () -- C:\WINDOWS\CDPHOTO.INI
[2007/12/08 19:27:58 | 000,000,072 | ---- | C] () -- C:\WINDOWS\visguide.ini
[2007/12/08 19:27:29 | 000,000,048 | ---- | C] () -- C:\WINDOWS\bartcan.ini
[2007/12/04 22:33:27 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2007/12/04 22:33:27 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2007/12/04 22:33:27 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2007/10/20 16:12:53 | 000,123,996 | ---- | C] () -- C:\WINDOWS\HPHins12.dat.temp
[2007/10/20 16:12:53 | 000,014,916 | ---- | C] () -- C:\WINDOWS\hphmdl12.dat.temp
[2007/10/07 09:53:55 | 000,001,217 | -HS- | C] () -- C:\WINDOWS\System32\mmf.sys
[2007/10/07 09:53:54 | 000,048,640 | ---- | C] () -- C:\WINDOWS\mmfs.dll
[2007/10/07 09:53:54 | 000,002,560 | ---- | C] () -- C:\WINDOWS\Runservice.exe
[2007/07/30 21:34:59 | 000,001,372 | ---- | C] () -- C:\WINDOWS\ForgeOfFreedom.ini
[2007/07/24 22:30:21 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2007/07/24 14:20:45 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\bassmod.dll
[2007/07/16 09:56:18 | 000,024,575 | ---- | C] () -- C:\WINDOWS\System32\Mpwinapppiobas69.dll
[2007/07/16 09:55:57 | 000,112,156 | ---- | C] () -- C:\WINDOWS\System32\Msdts325.dat
[2007/06/08 13:53:50 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007/05/10 22:36:00 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\shctxex.dll
[2007/05/05 21:58:57 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\UAService7.exe
[2007/03/28 06:55:21 | 000,000,026 | ---- | C] () -- C:\WINDOWS\marscam.ini
[2007/02/08 13:43:20 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\micr0st.dll
[2007/02/07 20:07:49 | 000,000,028 | ---- | C] () -- C:\WINDOWS\SciFi3.ini
[2007/01/29 08:28:19 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2006/10/29 16:25:09 | 000,684,032 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2006/10/29 16:25:09 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2006/10/08 10:05:55 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\ezpinst.exe
[2006/10/08 10:05:55 | 000,007,176 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.cat
[2006/10/08 10:05:55 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.inf
[2006/09/14 13:53:38 | 000,000,210 | ---- | C] () -- C:\WINDOWS\bgw.ini
[2006/09/04 21:38:10 | 000,000,253 | ---- | C] () -- C:\WINDOWS\nir.ini
[2006/09/02 23:20:07 | 000,000,391 | ---- | C] () -- C:\WINDOWS\crownofglory.ini
[2006/07/23 19:33:11 | 000,000,249 | ---- | C] () -- C:\WINDOWS\bgs.ini
[2006/06/28 10:41:56 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2006/06/28 10:38:10 | 000,096,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd7213.sys
[2006/06/13 12:19:21 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\BW32000C.DLL
[2006/05/30 23:20:42 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\MSSud6OCX.dll
[2006/05/05 23:46:52 | 000,000,402 | ---- | C] () -- C:\WINDOWS\player_army_stats.ini
[2006/04/02 18:25:57 | 000,000,031 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2006/03/15 10:20:57 | 000,000,048 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2006/03/15 09:35:43 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll
[2006/03/15 09:35:43 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2006/02/15 22:21:28 | 000,000,080 | RHS- | C] () -- C:\WINDOWS\System32\BAD6A17DE8.dll
[2006/02/11 14:18:09 | 000,000,098 | ---- | C] () -- C:\WINDOWS\creation.INI
[2006/02/06 16:19:08 | 000,005,996 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/02/06 16:15:27 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\teulKit.dll
[2006/01/19 08:55:48 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2006/01/12 00:04:14 | 000,000,228 | ---- | C] () -- C:\WINDOWS\MPLAYER.INI
[2005/12/26 13:46:05 | 000,000,249 | ---- | C] () -- C:\WINDOWS\bgn.ini
[2005/12/05 19:53:30 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\FTPStubInstUtils.dll
[2005/11/10 14:42:05 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2005/10/19 15:15:21 | 000,000,078 | ---- | C] () -- C:\WINDOWS\PrezoPlayer.INI
[2005/10/19 10:55:49 | 000,000,085 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2005/10/18 19:33:30 | 000,000,055 | ---- | C] () -- C:\WINDOWS\WinFTP.INI
[2005/09/28 21:48:38 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2005/09/28 21:48:38 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2005/09/28 21:48:38 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2005/09/23 06:56:22 | 000,304,128 | ---- | C] () -- C:\WINDOWS\System32\keygen.dll
[2005/09/16 00:06:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\mgsnhDemo_32.dll
[2005/08/23 22:55:44 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE
[2005/08/02 17:24:01 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2005/07/21 12:37:56 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2005/07/21 12:37:55 | 000,060,928 | R--- | C] () -- C:\WINDOWS\System32\P17.dll
[2005/07/11 17:31:32 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2005/07/09 23:32:06 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2005/06/12 13:10:22 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2005/05/16 18:56:17 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2005/05/16 18:56:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2005/05/03 16:18:54 | 000,158,080 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/05/02 18:07:44 | 000,001,100 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2005/04/13 13:15:39 | 000,000,004 | ---- | C] () -- C:\WINDOWS\uccspecb.sys
[2005/03/14 20:38:05 | 000,000,059 | ---- | C] () -- C:\WINDOWS\cleandrv.INI
[2005/03/12 22:48:21 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/03/07 20:52:23 | 000,000,082 | ---- | C] () -- C:\WINDOWS\wb.ini
[2005/02/22 04:24:05 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005/02/21 02:02:21 | 000,585,728 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/02/19 16:49:10 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2005/02/17 21:28:28 | 000,088,576 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/02/15 18:37:20 | 000,031,264 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2005/02/14 10:29:56 | 000,000,268 | ---- | C] () -- C:\WINDOWS\ui_mv32.ini
[2005/02/14 10:29:43 | 000,250,368 | ---- | C] () -- C:\WINDOWS\System32\imagxpr3.dll
[2005/02/14 10:25:48 | 000,000,335 | ---- | C] () -- C:\WINDOWS\Trpmaker.INI
[2005/02/14 10:23:51 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\PlugFile.dll
[2005/02/14 10:23:50 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2005/02/14 10:23:50 | 000,038,688 | ---- | C] () -- C:\WINDOWS\System32\Leaddib.drv
[2005/02/14 10:23:50 | 000,011,136 | ---- | C] () -- C:\WINDOWS\System32\Fprun300.dll
[2005/02/13 15:04:13 | 000,000,579 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2005/02/12 23:26:51 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/02/12 14:45:17 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\FASTWiz.html
[2005/02/10 22:19:40 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2005/02/10 21:43:57 | 000,000,293 | ---- | C] () -- C:\WINDOWS\Sierra.ini
[2005/02/10 21:38:43 | 000,000,222 | ---- | C] () -- C:\WINDOWS\ENations.ini
[2005/02/10 19:36:50 | 000,000,249 | ---- | C] () -- C:\WINDOWS\bgg.ini
[2005/02/10 19:30:55 | 000,000,239 | ---- | C] () -- C:\WINDOWS\bgr.ini
[2005/02/10 19:21:13 | 000,001,048 | ---- | C] () -- C:\WINDOWS\EReg192.dat
[2005/02/10 12:31:35 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\CNMVS58.DLL
[2005/02/10 12:11:36 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\hpgt34.dll
[2005/02/02 17:55:23 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/02/02 17:55:19 | 000,000,029 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2005/02/02 17:53:41 | 000,518,520 | ---- | C] () -- C:\WINDOWS\vidres.exe
[2005/02/02 17:50:51 | 000,471,298 | ---- | C] () -- C:\WINDOWS\wallpg.exe
[2005/02/02 17:48:25 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/02/02 17:41:41 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/02/02 17:41:40 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\RTCOMDLL.dll
[2005/02/02 17:41:40 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2004/08/27 06:50:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/27 05:54:47 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\HotlineClient.exe
[2004/08/26 14:07:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/26 14:01:37 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/26 12:12:43 | 000,000,543 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/26 12:12:43 | 000,000,465 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2004/08/26 12:12:13 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/26 12:12:10 | 000,441,902 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/26 12:12:10 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/26 12:12:10 | 000,071,854 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/26 12:12:10 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/26 12:12:08 | 000,005,151 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/26 12:12:07 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/26 12:12:05 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/26 12:12:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/26 12:11:59 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/26 12:11:54 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/26 12:11:46 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/26 06:54:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/26 06:54:01 | 001,355,136 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/03/28 22:11:10 | 000,067,428 | ---- | C] () -- C:\WINDOWS\System32\LudaP17.ini
[2003/03/04 04:29:00 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2001/08/23 15:00:00 | 000,022,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\SbcpHid.sys
[2000/04/11 21:44:56 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll

========== LOP Check ==========

[2005/02/02 17:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.MOONDOGS\Application Data\SampleView
[2011/04/14 18:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ashampoo
[2006/04/06 16:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Chasing Dogs Studios
[2010/12/19 14:16:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2008/05/12 08:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\dyvozgfa
[2008/02/06 16:17:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Eastman Kodak Company
[2005/12/24 14:51:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameBlend
[2007/09/25 19:36:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2009/07/29 17:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2009/07/28 08:01:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2008/02/06 16:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\kds_kodak
[2008/02/25 15:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2005/02/02 17:56:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2005/02/02 17:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView
[2007/12/24 19:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SDSD
[2010/03/01 04:37:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MOM\Application Data\Facebook
[2008/09/02 07:51:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MOM\Application Data\NetMedia Providers
[2008/09/02 07:51:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MOM\Application Data\Publish Providers
[2005/02/02 17:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MOM\Application Data\SampleView
[2006/05/07 01:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\.bittorrent
[2008/02/19 18:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\.purple
[2008/06/18 22:49:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Black Sea Studios
[2006/04/06 16:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Chasing Dogs Studios
[2007/04/25 09:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Ethereal
[2006/01/12 00:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FTW
[2006/07/12 12:48:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Gena01
[2007/11/30 11:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\gtk-2.0
[2007/10/10 07:36:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\HTNetMeter
[2007/08/29 21:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Image Zone Express
[2007/08/29 08:43:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\iWin
[2007/09/25 18:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Jane s Hotel
[2008/02/25 00:48:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Legends of pirates
[2008/01/24 00:16:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LimeWire
[2006/05/30 23:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MPS-Sudoku2006
[2006/11/28 08:34:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\NCH Swift Sound
[2006/03/03 13:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\NetMedia Providers
[2006/04/08 23:16:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Nology
[2007/02/26 15:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Opera
[2007/09/09 20:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PlayFirst
[2006/03/03 13:39:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Publish Providers
[2006/06/19 21:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\RecordPad
[2005/02/02 17:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2007/09/28 23:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sandlot Games
[2007/01/29 07:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SlySoft
[2006/06/15 20:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Thunderbird
[2006/11/02 22:33:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uk.co.planetside
[2006/01/20 14:41:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uqm
[2008/03/16 23:05:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uTorrent
[2008/03/17 10:42:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Vso
[2007/07/16 08:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\XnView
[2006/10/28 16:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\yoclient
[2010/12/19 14:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Z-girl\Application Data\AVG10
[2005/02/02 17:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Z-girl\Application Data\SampleView
[2011/04/14 19:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Z-girl\Application Data\Vso

========== Purity Check ==========



< End of report >
  • 0

#19
Salagubang
Posted 27 April 2011 - 04:51 PM

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,891 posts
Hi,

Can you check if you can now connect to the internet using the ailing machine?
  • 0

#20
moondog830
Posted 28 April 2011 - 07:31 PM

moondog830

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 804 posts
checked all the connections again and tried to connect and still can not surf the net. the computer SAYS it is connected to the internet, but can't surf.
  • 0

#21
Salagubang
Posted 28 April 2011 - 07:49 PM

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,891 posts
Can you check this one for me.

  • Press Start > Control Panel > Network Connections.
  • Right-click on your Lan Connection and choose properties.
  • Highlight Internet Protocol and click properties.
  • Check that Obtain IP Address Automatically is check (same with DNS connection)
  • Click OK to close.

  • 0

#22
moondog830
Posted 28 April 2011 - 08:15 PM

moondog830

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 804 posts
Those were both checked
  • 0

#23
Salagubang
Posted 28 April 2011 - 08:25 PM

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,891 posts
Go to start -> type cmd in the search box at the bottom (or click 'run' if using win. XP and then type cmd) -> hit enter ->type ipconfig /all -> right click and click select all -> hit enter (the page is then copied) -> paste the results back in a new reply post.
  • 0

#24
moondog830
Posted 30 April 2011 - 12:02 PM

moondog830

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 804 posts
Microsoft Windows XP [Version 5.1.2600]
© Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Owner>ipconfig / all

Error: unrecongnized or incomplete command line.

USAGE:
ipconfig [/? | /all | /renew [adapter] | /release [adapter] |
/flushdns | /displaydns | /registerdns |
/showclassid adapter |
/setclassid adapter [classid] ]

where
adapter Connection name
(wildcard characters * and ? allowed, see examples)

Options:
/? Display this help message
/all Display full configuration information.
/release Release the IP address for the specified adapter.
/renew Renew the IP address for the specified adapter.
/flushdns Purges the DNS Resolver cache.
/registerdns Refreshes all DHCP leases and re-registers DNS names
/displaydns Display the contents of the DNS Resolver Cache.
/showclassid Displays all the dhcp class IDs allowed for adapter.
/setclassid Modifies the dhcp class id.

The default is to display only the IP address, subnet mask and
default gateway for each adapter bound to TCP/IP.

For Release and Renew, if no adapter name is specified, then the IP address
leases for all adapters bound to TCP/IP will be released or renewed.

For Setclassid, if no ClassId is specified, then the ClassId is removed.

Examples:
> ipconfig ... Show information.
> ipconfig /all ... Show detailed information
> ipconfig /renew ... renew all adapters
> ipconfig /renew EL* ... renew any connection that has its
name starting with EL
> ipconfig /release *Con* ... release all matching connections,
eg. "Local Area Connection 1" or
"Local Area Connection 2"

C:\Documents and Settings\Owner>
  • 0

#25
Salagubang
Posted 30 April 2011 - 05:37 PM

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,891 posts
Hi moondog830,

Retype the command with no space between / and all.

Also, download and run Winsockfix from this location then try if is able to restore the internet connection on the ailing machine.
  • 0

Advertisements

#26
moondog830
Posted 01 May 2011 - 07:42 AM

moondog830

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 804 posts
Here is the result of checking the ipconfig

Microsoft Windows XP [Version 5.1.2600]
© Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Owner>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : moondogs
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : Yes

Ethernet adapter Local Area Connection 5:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connecti
on #2
Physical Address. . . . . . . . . : 00-13-20-4F-86-08

C:\Documents and Settings\Owner>


and I also downloaded and ran Winsockfix then tried to connect to the internet ... my home page on that computer is google ... and it did try to load the page (I have cleared the cookies) but it was very slow and only got the words at the top and the top part of the google logo and then stopped ... tried it again and it didn't go at all.
  • 0

#27
Salagubang
Posted 01 May 2011 - 08:10 AM

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,891 posts
Hi,

! Safety precaution: backup your router configuration first - if you can't get your internet connection to work then you can use this backup again !

Next you must reset the router to its default configuration. This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds).
This will reset all setting - including your security settings so you also need to reconfigure these security settings you had in place prior to the reset.

Download your router's manual first, this could help you.

Next

Physically disconnect all other computer from your router except the ailing computer. Restart the computer then test if the connection has improved.
  • 0

#28
moondog830
Posted 03 May 2011 - 11:11 AM

moondog830

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 804 posts
Sorry for the delay ... I've been sick since Thursday.

I don't know how to save the router configuration, please explain (the manual doesn't say how).
  • 0

#29
Salagubang
Posted 03 May 2011 - 04:57 PM

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,891 posts
Have you tried other browsers?

Please download and install Google Chrome and try to connect using it. Tell me how it goes.

(Take some rest, its alright not to do this now and we can continue later once you're feeling well)
  • 0

#30
moondog830
Posted 03 May 2011 - 05:14 PM

moondog830

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 804 posts
I actually use Google Chrome ... but tried Firefox and IE as well and I'm not sure what is going on.

I would LOVE to take a rest ... but there is no rest when you're daughter is whining that she can't get on facebook :)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP