Please Help ME!



#1
Aprilzdesigns

Hello! I pray that someone can help me understand all of this. I know that my e-mail has been attacked because I have had several people that are in my Contacts tell me that they are receiving messages with YouTube links in them at all hours of the night. So, I tried to "clean up" my system but don't really know what I am doing.

I had this happen to me about a year ago & I took my computer to a computer guy to clean it up for me. He said he couldn't find anything but had cleaned up my computer & left a bunch of programs on it. So, I started running them myself now to try to clean it up again.

First, I ran AVG, a free program the guy had put on my computer to protect it. It told me to upgrade to include Internet Security. So, I thought WHY NOT? I need this extra security online anyway. It is my e-mail that I am having a prob. with anyway, right? Then I found out that the web browser I have been using, Google Chrome (also put on my computer by the guy), did not support AVG Security and that I should download Mozilla Foxfire to use as my browser. So, I did. I downloaded Foxfire & uninstalled my Google Chrome. Now, how do I ensure that my AVG Security is actually checking all of my mail when I'm online with my Foxfire?

Then, I continued to run the AVG security scans. I ran the Hijack This scan (another program he left on my computer), which, of course, led me to this forum, & I even downloaded the Old Timer Log (or whatever to run a scan instead of the Hijack This). But all of these reports mean nothing to me. I do not understand them. They do not tell me if I have spyware, malware, trojans, etc. They do not tell me how to get rid of them, if I have them. Please help me. Thank you.
These two logs are the OTL logfiles that I ran after I ran the Hijack This but was told to upgrade to OTL. Please let me know if this is okay.


OTL logfile created on: 9/25/2011 8:20:03 AM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\April\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

479.53 Mb Total Physical Memory | 51.05 Mb Available Physical Memory | 10.65% Memory free
1.37 Gb Paging File | 0.91 Gb Available in Paging File | 66.22% Paging File free
Paging file location(s): C:\pagefile.sys 1000 1000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14.94 Gb Total Space | 5.58 Gb Free Space | 37.34% Space Free | Partition Type: NTFS
Drive D: | 59.59 Gb Total Space | 59.52 Gb Free Space | 99.87% Space Free | Partition Type: NTFS

Computer Name: VALUED-CB7D4C82 | User Name: April | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/25 08:19:30 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\April\My Documents\Downloads\OTL.exe
PRC - [2011/09/24 13:55:53 | 000,218,440 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2011/09/24 13:03:33 | 000,246,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
PRC - [2011/09/09 17:43:18 | 001,220,960 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/09/08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/09/08 06:46:00 | 002,401,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/09/01 06:16:22 | 005,265,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/08/19 06:24:14 | 002,399,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgfws.exe
PRC - [2011/08/15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/12 06:10:32 | 000,973,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/08/25 18:24:04 | 000,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
PRC - [2009/03/27 22:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/07/22 23:25:06 | 000,172,032 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/24 13:55:53 | 000,218,440 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2011/09/24 13:03:33 | 000,246,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
MOD - [2011/06/16 00:17:34 | 001,850,328 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (VAIOMediaPlatform-MusicServer-UPnP) VAIO Media Music Server (UPnP)
SRV - File not found [Disabled | Stopped] -- -- (VAIOMediaPlatform-MusicServer-HTTP) VAIO Media Music Server (HTTP)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/09/24 13:03:33 | 000,246,600 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/09/01 06:16:22 | 005,265,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/19 06:24:14 | 002,399,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2009/03/27 22:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2002/07/23 08:45:12 | 000,065,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)


========== Driver Services (SafeList) ==========

DRV - [2011/08/08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 01:14:30 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/07/11 01:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 01:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/07/11 01:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/07/11 01:13:46 | 000,229,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/07/11 01:13:42 | 000,032,464 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/05/23 01:03:20 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2011/05/23 01:03:20 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2009/08/14 09:45:24 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/08/14 09:45:24 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/08/13 15:07:12 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/02/25 12:54:56 | 000,105,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2002/08/02 14:56:00 | 000,590,464 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\soma.sys -- (soma)
DRV - [2002/07/24 21:56:18 | 000,205,696 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2002/07/20 12:22:30 | 000,815,819 | ---- | M] (Lucent Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LTSM.sys -- (LucentSoftModem)
DRV - [2002/07/19 16:25:58 | 000,202,880 | ---- | M] (YAMAHA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yacxgc.sys -- (WDM_YAMAHAAC97)
DRV - [2002/07/03 20:50:36 | 000,031,586 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyWBMS.sys -- (SONYWBMS) Sony Memory Stick controller(WB)
DRV - [2002/06/13 15:37:16 | 000,045,568 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/04/03 21:51:34 | 000,005,760 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2000/12/05 19:18:02 | 000,003,952 | R--- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c.../search/ie.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.aol.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.aol.com/"

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/09/24 13:03:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/24 16:34:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/09/24 16:33:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\April\Application Data\Mozilla\Extensions
[2011/09/24 16:34:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/09/24 13:03:56 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4
[2010/08/25 18:27:23 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/06/16 00:17:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/09/24 20:52:48 | 000,416,890 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14390 more lines...
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe (HP)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1268825719343 (WUWebControl Class)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://aolsvc.aol.co...mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://aolsvc.aol.co...ploader_v10.cab (PopCapLoader Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D5F076A-3B7E-465C-9996-7EF486DC0E98}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\April\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\April\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/08/03 11:18:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/24 17:25:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/09/24 16:32:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\April\Local Settings\Application Data\Mozilla
[2011/09/24 16:31:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/09/24 13:55:26 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2011/09/24 13:06:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\April\Application Data\AVG2012
[2011/09/24 13:03:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2012
[2011/09/24 13:03:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\April\Application Data\AVG Secure Search
[2011/09/24 13:03:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2011/09/24 12:57:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/09/24 12:57:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/09/24 12:29:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/04/02 12:07:24 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/25 08:30:55 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\April\Desktop\Media Player.lnk
[2011/09/25 07:46:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/25 07:42:14 | 000,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/09/25 07:42:06 | 000,311,934 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/09/25 07:42:06 | 000,040,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/09/24 21:04:38 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2011/09/24 20:52:48 | 000,416,890 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/09/24 18:38:30 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox Internet.lnk
[2011/09/24 18:32:24 | 105,048,631 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/09/24 17:11:50 | 000,029,975 | ---- | M] () -- C:\Documents and Settings\April\My Documents\bookmarks_9_24_11.html
[2011/09/24 16:34:15 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\April\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox Internet.lnk
[2011/09/24 16:29:20 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/09/24 14:17:33 | 000,661,889 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2011/09/24 13:03:58 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/09/10 05:49:24 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/09 05:12:13 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/25 07:41:55 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2011/09/24 21:03:16 | 000,000,328 | ---- | C] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2011/09/24 18:32:24 | 105,048,631 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/09/24 17:39:31 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/09/24 17:11:49 | 000,029,975 | ---- | C] () -- C:\Documents and Settings\April\My Documents\bookmarks_9_24_11.html
[2011/09/24 16:31:48 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\April\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox Internet.lnk
[2011/09/24 16:31:48 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox Internet.lnk
[2011/09/24 16:31:47 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/09/24 14:17:33 | 000,661,889 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2011/09/24 13:03:58 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/09/24 12:58:07 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavichjw.avm
[2010/12/26 15:50:36 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2010/08/31 12:49:53 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/17 10:45:06 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2010/03/05 15:26:31 | 000,000,035 | ---- | C] () -- C:\WINDOWS\Ulead32.INI
[2008/10/23 16:50:03 | 000,010,202 | ---- | C] () -- C:\WINDOWS\hpdj3740.ini
[2008/10/23 09:37:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2008/10/23 09:35:45 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS45.DLL
[2008/05/18 14:59:46 | 000,119,808 | ---- | C] () -- C:\Documents and Settings\April\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/02 14:24:20 | 000,000,232 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008/02/22 15:07:38 | 000,285,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsio.sys
[2008/02/22 15:07:38 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsreged.sys
[2008/01/25 13:09:10 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ImgLibLead.dll
[2008/01/25 13:09:09 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\Dc50ip32.dll
[2008/01/25 13:09:09 | 000,065,864 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2008/01/25 13:09:09 | 000,007,808 | ---- | C] () -- C:\WINDOWS\System32\dc240u.sys
[2008/01/25 13:09:03 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2008/01/25 13:09:03 | 000,048,640 | ---- | C] () -- C:\WINDOWS\catalogSubInstaller.exe
[2008/01/14 12:40:06 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/01/14 09:19:26 | 000,000,715 | ---- | C] () -- C:\WINDOWS\aolback.exe.lnk
[2008/01/14 09:13:49 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/01/04 12:47:36 | 000,000,008 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/01/03 17:30:09 | 000,000,026 | ---- | C] () -- C:\WINDOWS\ERegClnt.INI
[2008/01/03 17:03:34 | 000,028,768 | ---- | C] () -- C:\WINDOWS\System32\PopWait.exe
[2008/01/03 17:03:34 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\RegHero.exe
[2005/07/22 23:25:07 | 000,005,428 | ---- | C] () -- C:\WINDOWS\hpfmdl_s04_main.dat
[2005/07/22 23:25:07 | 000,000,362 | ---- | C] () -- C:\WINDOWS\hpfins_s04_main.dat
[2002/08/15 13:45:06 | 000,262,416 | ---- | C] () -- C:\WINDOWS\System32\ASFV2.DLL
[2002/08/15 13:43:08 | 000,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2002/08/15 13:43:07 | 000,000,599 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2002/08/15 13:40:19 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\qttask.exe
[2002/08/15 13:30:40 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[2002/08/15 13:30:26 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\pxhpinst.exe
[2002/08/03 14:45:33 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/08/03 12:31:57 | 000,005,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\srvkp.sys
[2002/08/03 12:31:11 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis740.bin
[2002/08/03 12:31:11 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis650.bin
[2002/08/03 12:30:54 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\setuplib.dll
[2002/08/03 12:30:54 | 000,086,275 | ---- | C] () -- C:\WINDOWS\System32\waitwnd.exe
[2002/08/03 12:17:45 | 000,012,209 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2002/08/03 12:17:45 | 000,000,980 | ---- | C] () -- C:\WINDOWS\System32\2_ssetup.ini
[2002/08/03 12:17:45 | 000,000,927 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2002/08/03 12:17:42 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL
[2002/08/03 11:43:24 | 000,000,804 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/08/03 11:25:22 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2002/08/03 11:20:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2002/08/03 11:16:37 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/08/03 11:07:38 | 000,311,912 | ---- | C] () -- C:\WINDOWS\Q320174.exe
[2002/08/03 11:07:37 | 000,208,488 | ---- | C] () -- C:\WINDOWS\Q318623.exe
[2002/08/03 11:07:36 | 000,641,640 | ---- | C] () -- C:\WINDOWS\Q318138.exe
[2002/08/03 11:07:33 | 002,931,304 | ---- | C] () -- C:\WINDOWS\Q317277.exe
[2002/08/03 11:07:32 | 001,189,992 | ---- | C] () -- C:\WINDOWS\Q316397.exe
[2002/08/03 11:07:31 | 000,621,672 | ---- | C] () -- C:\WINDOWS\Q316134.exe
[2002/08/03 11:07:30 | 000,599,144 | ---- | C] () -- C:\WINDOWS\Q315000.EXE
[2002/08/03 11:07:30 | 000,487,016 | ---- | C] () -- C:\WINDOWS\Q315403.EXE
[2002/08/03 11:07:29 | 000,302,696 | ---- | C] () -- C:\WINDOWS\Q312370.EXE
[2002/08/03 11:07:29 | 000,234,088 | ---- | C] () -- C:\WINDOWS\Q314147.exe
[2002/08/03 11:07:28 | 000,605,288 | ---- | C] () -- C:\WINDOWS\Q312368.EXE
[2002/08/03 11:07:28 | 000,329,320 | ---- | C] () -- C:\WINDOWS\Q312131.exe
[2002/08/03 11:07:27 | 000,290,920 | ---- | C] () -- C:\WINDOWS\Q311889.EXE
[2002/08/03 11:07:27 | 000,252,520 | ---- | C] () -- C:\WINDOWS\Q311967.exe
[2002/08/03 11:07:26 | 000,517,736 | ---- | C] () -- C:\WINDOWS\Q310601.exe
[2002/08/03 11:07:26 | 000,248,424 | ---- | C] () -- C:\WINDOWS\Q311785.exe
[2002/08/03 11:07:24 | 002,039,400 | ---- | C] () -- C:\WINDOWS\Q309521.exe
[2002/08/03 11:07:24 | 000,170,856 | ---- | C] () -- C:\WINDOWS\Q309056.exe
[2002/08/03 11:07:23 | 000,474,728 | ---- | C] () -- C:\WINDOWS\Q308677.EXE
[2002/08/03 11:07:23 | 000,359,016 | ---- | C] () -- C:\WINDOWS\Q308402.EXE
[2002/08/03 11:07:22 | 000,188,520 | ---- | C] () -- C:\WINDOWS\Q307274.exe
[2002/08/03 11:07:22 | 000,159,336 | ---- | C] () -- C:\WINDOWS\Q307271.exe
[2002/08/03 11:07:22 | 000,148,584 | ---- | C] () -- C:\WINDOWS\Q308387.EXE
[2002/08/03 11:07:21 | 000,240,232 | ---- | C] () -- C:\WINDOWS\Q306583.exe
[2002/08/03 11:05:41 | 000,000,672 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/08/03 11:05:06 | 000,311,934 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/08/03 11:05:06 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/08/03 11:05:06 | 000,040,196 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/08/03 11:05:06 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/08/03 11:05:05 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/08/03 11:05:05 | 000,004,530 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/08/03 11:05:03 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/08/03 11:04:56 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/08/03 11:04:55 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/08/03 11:04:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/08/03 11:04:36 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/08/03 04:11:58 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/08/03 04:11:10 | 000,120,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

< End of report >

OTL Extras logfile created on: 9/25/2011 8:20:03 AM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\April\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

479.53 Mb Total Physical Memory | 51.05 Mb Available Physical Memory | 10.65% Memory free
1.37 Gb Paging File | 0.91 Gb Available in Paging File | 66.22% Paging File free
Paging file location(s): C:\pagefile.sys 1000 1000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14.94 Gb Total Space | 5.58 Gb Free Space | 37.34% Space Free | Partition Type: NTFS
Drive D: | 59.59 Gb Total Space | 59.52 Gb Free Space | 99.87% Space Free | Partition Type: NTFS

Computer Name: VALUED-CB7D4C82 | User Name: April | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0125AA92-F44D-4DB3-8B98-2F14A7B9ACB1}" = Experience Vaio
"{117C01B5-9D68-4A15-85E2-A7CDFA82CEB9}" = OpenMG Secure Module 3.1
"{1EB317D8-8945-4FD6-B37F-DF470317C6AB}" = VAIO Media 2.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21CF3E6E-1659-433E-B6CE-165D793560DA}" = VAIO Grid Wallpaper
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 26
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B24B725-D81F-442D-8CE5-2AF05A4A4CC9}" = Music Visualizer Library 1.4.00
"{3C67D8C0-F0EC-11D3-99D3-00C04FCCB775}" = VAIO Action Setup
"{3E908702-AF35-4611-9518-955DA24B7E07}" = Microsoft XML Parser and SDK
"{48BE827A-2D06-4804-90C3-4F2F8460F9D4}" = Support Actions WinXP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56839333-0802-40D6-9A50-EBB9EB2BF541}" = AVG 2012
"{6060E6A1-5342-4D2B-8F66-B6D6E20BBD03}" = VAIO Help & Support
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6990A2BF-D1D2-11D3-81BC-00609789C908}" = Sony DV Shared Library
"{7128C69B-8F7E-4336-8698-3FD3CDD955EC}" = VAIO Media Installer 2.0
"{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}" = SonicStage 1.5.00
"{72275927-4241-46A7-A9C4-B86C6B256EB6}" = ImageStation Demo
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{802EF464-4992-42B3-8434-45151AD3C933}" = VAIO Serenus Wallpaper
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{913D0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard for Students and Teachers
"{A1713E14-4A72-4DE1-B555-5354F710D51E}" = AVG 2012
"{AA14D661-8B7A-4A8F-B093-405C160178AF}" = VAIO Registration
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{ACEC9C3E-0100-4EBE-B298-35A2145828A0}" = VAIO Brezza Wallpaper
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B81023A5-71ED-46EB-BE3B-9F974D1155F1}" = HP Software Update
"{D0448678-1203-4158-A58F-B3D0B616BF9E}" = Sony Certificate PCH
"{DF0DD6E9-F673-4466-8353-70B50A506FD9}" = VAIO Media Platform 2.0
"{DF733005-0F40-11D6-9254-0000F460E7A9}" = VAIO Media Music Server 2.0
"{F901CA6D-A074-42D3-A11D-33AAE6FFD0C1}" = HP Deskjet 3740
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe PhotoDeluxe Home Edition 4.0" = Adobe PhotoDeluxe Home Edition 4.0
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"AOL Toolbar 5.0" =
"ATT-HSI" = ATT-HSI
"AVG" = AVG 2012
"HijackThis" = HijackThis 2.0.2
"HP Deskjet 3740 Series_Driver" = HP Deskjet 3740 Series
"ie8" = Windows Internet Explorer 8
"InstallShield_{AA14D661-8B7A-4A8F-B093-405C160178AF}" = VAIO Registration
"LSI Soft Modem" = LSI PCI Soft Modem
"Lucent Technologies Soft Modem" = Lucent Technologies Soft Modem AMR
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Motion JPEG Software Decoder" = Motion JPEG Software Decoder
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"SiS Compatible VGA V2.09a" = SiS Compatible VGA V2.09a
"VAIO Support" = VAIO Support
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/5/2010 11:33:25 AM | Computer Name = VALUED-CB7D4C82 | Source = Application Hang | ID = 1002
Description = Hanging application PhotoCD.exe, version 2.5.2.687, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 6/5/2010 11:33:26 AM | Computer Name = VALUED-CB7D4C82 | Source = Application Hang | ID = 1002
Description = Hanging application PhotoCD.exe, version 2.5.2.687, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 6/5/2010 11:34:04 AM | Computer Name = VALUED-CB7D4C82 | Source = Application Error | ID = 1005
Description = Windows cannot access the file F:\QtGui4.dll for one of the following
reasons: there is a problem with the network connection, the disk that the file
is stored on, or the storage drivers installed on this computer; or the disk is
missing. Windows closed the program C++ application development framework. because
of this error. Program: C++ application development framework. File: F:\QtGui4.dll

The
error value is listed in the Additional Data section. User Action 1. Open the file
again. This situation might be a temporary problem that corrects itself when the
program runs again. 2. If the file still cannot be accessed and - It is on the network,
your network administrator should verify that there is not a problem with the network
and that the server can be contacted. - It is on a removable disk, for example,
a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3.
Check and repair the file system by running CHKDSK. To run CHKDSK, click Start,
click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F,
and then press ENTER. 4. If the problem persists, restore the file from a backup
copy. 5. Determine whether other files on the same disk can be opened. If not, the
disk might be damaged. If it is a hard disk, contact your administrator or computer
hardware vendor for further assistance. Additional Data Error value: C0000240 Disk
type: 5

Error - 6/5/2010 11:34:13 AM | Computer Name = VALUED-CB7D4C82 | Source = Application Error | ID = 1000
Description = Faulting application PhotoCD.exe, version 2.5.2.687, faulting module
ntdll.dll, version 5.1.2600.5755, fault address 0x000500b6.

Error - 6/11/2010 7:00:35 AM | Computer Name = VALUED-CB7D4C82 | Source = Application Error | ID = 1000
Description = Faulting application NAVAPSVC.EXE, version 9.0.5.1015, faulting module
NAVAPSVC.EXE, version 9.0.5.1015, fault address 0x000088ff.

Error - 6/13/2010 4:25:46 PM | Computer Name = VALUED-CB7D4C82 | Source = Application Hang | ID = 1002
Description = Hanging application POWERPNT.EXE, version 10.0.2623.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/13/2010 4:31:48 PM | Computer Name = VALUED-CB7D4C82 | Source = Application Error | ID = 1000
Description = Faulting application photocd.exe, version 2.5.2.687, faulting module
photocd.exe, version 2.5.2.687, fault address 0x000726e3.

Error - 6/13/2010 4:33:39 PM | Computer Name = VALUED-CB7D4C82 | Source = Application Hang | ID = 1002
Description = Hanging application PhotoCD.exe, version 2.5.2.687, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 6/13/2010 4:33:39 PM | Computer Name = VALUED-CB7D4C82 | Source = Application Hang | ID = 1002
Description = Hanging application PhotoCD.exe, version 2.5.2.687, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 6/13/2010 6:16:00 PM | Computer Name = VALUED-CB7D4C82 | Source = Application Error | ID = 1000
Description = Faulting application NAVAPSVC.EXE, version 9.0.5.1015, faulting module
NAVAPSVC.EXE, version 9.0.5.1015, fault address 0x000088ff.

[ System Events ]
Error - 9/13/2011 7:20:34 AM | Computer Name = VALUED-CB7D4C82 | Source = PlugPlayManager | ID = 12
Description = The device '_NEC CD-RW NR-9100A' (IDE\CdRom_NEC_CD-RW_NR-9100A_____________________1.80____\5&11078e78&0&0.1.0)
disappeared from the system without first being prepared for removal.

Error - 9/15/2011 6:11:31 PM | Computer Name = VALUED-CB7D4C82 | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.64 on
the Network Card with network address 00E018B20324.

Error - 9/18/2011 5:20:04 PM | Computer Name = VALUED-CB7D4C82 | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.64 on
the Network Card with network address 00E018B20324.

Error - 9/18/2011 5:20:45 PM | Computer Name = VALUED-CB7D4C82 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the W32Time service.

Error - 9/22/2011 4:55:22 PM | Computer Name = VALUED-CB7D4C82 | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.64 on
the Network Card with network address 00E018B20324.

Error - 9/23/2011 7:02:06 AM | Computer Name = VALUED-CB7D4C82 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Dnscache service.

Error - 9/24/2011 12:19:47 PM | Computer Name = VALUED-CB7D4C82 | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.64 on
the Network Card with network address 00E018B20324.

Error - 9/24/2011 1:42:31 PM | Computer Name = VALUED-CB7D4C82 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the avgwd service.

Error - 9/24/2011 1:43:01 PM | Computer Name = VALUED-CB7D4C82 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the service.

Error - 9/24/2011 5:46:08 PM | Computer Name = VALUED-CB7D4C82 | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring
the volume.


< End of report >