
Keep getting same malware back. Help?



Hi,

this computer is infected with a lot of malware, so I scanned it several times, safe mode and everything, but I keep getting 6 malware back all the time when I do a full scan, even if I disconnect the computer from the internet. How is it possible?

I searched this forum and I ran OTL. If somebody can help, please, that would be great.

My OTL logs follow.

Thanks a bunch!

OTL logfile created on: 10/21/2010 3:39:59 PM - Run 1

OTL by OldTimer - Version 3.2.16.0 Folder = C:\Documents and Settings\Lisa Pratt\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.00 Mb Total Physical Memory | 270.00 Mb Available Physical Memory | 54.00% Memory free

2.00 Gb Paging File | 1.00 Gb Available in Paging File | 70.00% Paging File free

Paging file location(s): C:\pagefile.sys 1200 2000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 71.07 Gb Total Space | 21.41 Gb Free Space | 30.12% Space Free | Partition Type: NTFS

Drive I: | 7.46 Gb Total Space | 0.01 Gb Free Space | 0.14% Space Free | Partition Type: FAT32

Computer Name: D5HXJS61 | User Name: Lisa Pratt | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/10/21 15:39:32 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lisa Pratt\Desktop\OTL.exe

PRC - [2010/10/21 15:23:38 | 000,021,504 | ---- | M] () -- C:\Program Files\ISTsvc\istsvc.exe

PRC - [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\gkjhgkjju.exe

PRC - [2010/04/12 18:46:36 | 001,135,912 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe

PRC - [2009/07/29 16:52:10 | 001,024,512 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Search Settings\SearchSettings.exe

PRC - [2008/09/08 11:21:05 | 000,112,072 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

PRC - [2008/09/08 11:19:23 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe

PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/10/08 17:50:56 | 000,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\1171534602\ee\aolsoftware.exe

PRC - [2007/03/15 11:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe

PRC - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe

PRC - [2006/10/12 19:13:54 | 000,283,161 | ---- | M] () -- C:\Documents and Settings\Lisa Pratt\Local Settings\Temp\fsg_4203.exe

PRC - [2006/10/11 12:45:12 | 000,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe

PRC - [2006/09/20 08:35:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\WrtMon.exe

PRC - [2006/09/19 16:05:32 | 000,024,576 | ---- | M] () -- C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\WrtProc.exe

PRC - [2006/03/30 10:15:44 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe

PRC - [2006/03/21 21:30:00 | 001,191,936 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

PRC - [2006/03/16 15:47:04 | 000,061,440 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Memory Card Utility\iP6700D\PDUiP6700DMon.exe

PRC - [2004/10/14 17:42:54 | 001,404,928 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe

PRC - [2004/09/09 18:35:38 | 001,597,440 | ---- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files\AWS\WeatherBug\Weather.exe

PRC - [2004/08/27 15:29:10 | 000,417,792 | ---- | M] (Dell) -- C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exE

PRC - [2004/08/26 17:57:02 | 000,450,560 | ---- | M] (Dell) -- C:\WINDOWS\SYSTEM32\dlbxcoms.exe

PRC - [2004/04/27 03:04:44 | 000,635,019 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

PRC - [2004/02/19 11:01:48 | 000,301,624 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\SYSTEM32\DRIVERS\KodakCCS.exe

PRC - [2004/02/11 17:58:16 | 000,016,423 | ---- | M] () -- C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe

PRC - [2003/10/29 05:06:00 | 000,024,576 | ---- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe

PRC - [2003/08/27 12:29:46 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe

PRC - [2003/02/04 09:22:30 | 000,181,312 | ---- | M] () -- C:\WINDOWS\SYSTEM32\ScsiAccess.EXE

========== Modules (SafeList) ==========

MOD - [2010/10/21 15:39:32 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lisa Pratt\Desktop\OTL.exe

MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\msscript.ocx

MOD - [2006/10/04 22:07:12 | 000,144,936 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll

MOD - [2004/02/11 17:58:16 | 000,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\Lisa Pratt\Local Settings\Temp\IadHide5.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\windump.exe -- (windump)

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)

SRV - [2008/09/08 11:19:23 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)

SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)

SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)

SRV - [2006/03/30 10:15:44 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)

SRV - [2004/08/26 17:57:02 | 000,450,560 | ---- | M] (Dell) [On_Demand | Running] -- C:\WINDOWS\System32\dlbxcoms.exe -- (dlbx_device)

SRV - [2004/02/19 11:01:48 | 000,301,624 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\KodakCCS.exe -- (KodakCCS)

SRV - [2003/08/27 12:29:46 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)

SRV - [2003/02/04 09:22:30 | 000,181,312 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SYSTEM32\ScsiAccess.EXE -- (ScsiAccess)

========== Driver Services (SafeList) ==========

DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mbamswissarmy.sys -- (MBAMSwissArmy)

DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)

DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)

DRV - [2007/04/13 13:30:39 | 000,025,136 | ---- | M] (America Online) [Kernel | Disabled | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atwpkt2.sys -- (ATWPKT2)

DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)

DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)

DRV - [2005/02/20 21:02:28 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)

DRV - [2004/09/17 12:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys -- (senfilt)

DRV - [2004/08/13 04:56:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm)

DRV - [2004/08/13 03:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa)

DRV - [2004/08/13 03:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf)

DRV - [2004/08/13 03:05:00 | 000,086,202 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs)

DRV - [2004/08/13 03:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs)

DRV - [2004/08/13 03:05:00 | 000,025,723 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio)

DRV - [2004/08/13 03:05:00 | 000,014,715 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio)

DRV - [2004/08/13 03:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool)

DRV - [2004/08/13 03:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct)

DRV - [2004/08/13 03:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres)

DRV - [2004/08/04 05:21:00 | 000,087,136 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)

DRV - [2004/08/04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv)

DRV - [2004/07/14 13:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5)

DRV - [2004/07/14 13:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln)

DRV - [2004/06/17 17:57:02 | 000,200,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWICH.sys -- (HSFHWICH)

DRV - [2004/06/17 17:55:38 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf)

DRV - [2004/06/17 17:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP)

DRV - [2004/04/23 11:59:44 | 000,044,032 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp)

DRV - [2004/04/09 09:35:41 | 000,031,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Lisa Pratt\Local Settings\Temp\gtermddo.sys -- (gtermddo)

DRV - [2004/02/19 09:23:46 | 000,148,529 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ExportIt.sys -- (Exportit)

DRV - [2003/12/05 10:48:34 | 000,068,182 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\DcPtp.sys -- (DcPTP)

DRV - [2003/12/05 10:40:20 | 000,036,918 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\DcCam.sys -- (DcCam)

DRV - [2003/11/16 20:50:06 | 000,038,737 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\DCFS2k.sys -- (DCFS2K)

DRV - [2003/09/30 19:00:08 | 000,061,564 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\DcFpoint.sys -- (DcFpoint)

DRV - [2003/09/30 18:59:14 | 000,008,022 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\DcLps.sys -- (DcLps)

DRV - [2003/01/10 18:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)

DRV - [2002/11/08 15:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)

DRV - [2001/08/17 16:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)

DRV - [2001/08/17 16:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)

DRV - [2001/08/17 16:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)

DRV - [2001/08/17 16:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)

DRV - [2001/08/17 16:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)

DRV - [2001/08/17 15:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)

DRV - [2001/08/17 15:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)

DRV - [2001/08/17 15:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)

DRV - [2001/08/17 15:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)

DRV - [2001/08/17 15:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)

DRV - [2001/08/17 15:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)

DRV - [2001/08/17 15:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)

DRV - [2001/08/17 15:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)

DRV - [2001/08/17 15:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)

DRV - [2001/08/17 15:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.viewpoint.com/landing/v38a.html

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.viewpoint.com/landing/v38a.html

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2852379324-998045440-989621390-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz

IE - HKU\S-1-5-21-2852379324-998045440-989621390-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.couldnotfind.com/search_page.ht...ount_id=1002412

IE - HKU\S-1-5-21-2852379324-998045440-989621390-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Ask.com

IE - HKU\S-1-5-21-2852379324-998045440-989621390-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = http://www.mywebsearch.com/jsp/cfg_redir2....p;l=zu&o=sb

IE - HKU\S-1-5-21-2852379324-998045440-989621390-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/

IE - HKU\S-1-5-21-2852379324-998045440-989621390-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotfind.com/search_page.ht...ount_id=1002412

IE - HKU\S-1-5-21-2852379324-998045440-989621390-1006\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.)

IE - HKU\S-1-5-21-2852379324-998045440-989621390-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2852379324-998045440-989621390-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

[2009/11/11 19:40:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Pratt\Application Data\Mozilla\Extensions

[2009/11/11 19:40:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lisa Pratt\Application Data\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2010/10/21 08:19:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll File not found

O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll ()

O2 - BHO: (InstaFinderK) - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\Program Files\INSTAFINK\instafink.dll ()

O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)

O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()

O2 - BHO: (Viewpoint Toolbar BHO) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.9.0\ViewBarBHO.dll (Viewpoint Corporation)

O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.)

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll File not found

O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll ()

O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()

O3 - HKLM\..\Toolbar: (AIM Search) - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll File not found

O3 - HKLM\..\Toolbar: (Viewpoint Toolbar) - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.9.0\IEViewBar.dll (Viewpoint Corporation)

O3 - HKU\S-1-5-21-2852379324-998045440-989621390-1006\..\Toolbar\WebBrowser: (AIM Search) - {40D41A8B-D79B-43D7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll File not found

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (AOL LLC)

O4 - HKLM..\Run: [bywwvwsys] C:\WINDOWS\System32\nnmlii.dll (foobar2000.org)

O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)

O4 - HKLM..\Run: [dALJd] C:\WINDOWS\bslcsfjw.exe ()

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [dlbxmon.exe] C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe (Dell)

O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1171534602\ee\aolsoftware.exe (AOL LLC)

O4 - HKLM..\Run: [iST Service] C:\Program Files\ISTsvc\istsvc.exe ()

O4 - HKLM..\Run: [KernelFaultCheck] File not found

O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)

O4 - HKLM..\Run: [PDUiP6700DMon] C:\Program Files\Canon\Memory Card Utility\iP6700D\PDUiP6700DMon.exe (CANON INC.)

O4 - HKLM..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe (Spigot, Inc.)

O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [sSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)

O4 - HKLM..\Run: [ssrqqpaudio] C:\WINDOWS\System32\pmnmml.dll (foobar2000.org)

O4 - HKLM..\Run: [Trickler] c:\documents and settings\lisa pratt\local settings\temp\fsg_4203.exe ()

O4 - HKLM..\Run: [updateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)

O4 - HKLM..\Run: [userFaultCheck] File not found

O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\WrtMon.exe ()

O4 - HKU\.DEFAULT..\Run: [Adobe cleanup] File not found

O4 - HKU\.DEFAULT..\Run: [fcbxuusys] C:\WINDOWS\System32\nnmlii.dll (foobar2000.org)

O4 - HKU\S-1-5-18..\Run: [Adobe cleanup] File not found

O4 - HKU\S-1-5-18..\Run: [fcbxuusys] C:\WINDOWS\System32\nnmlii.dll (foobar2000.org)

O4 - HKU\S-1-5-21-2852379324-998045440-989621390-1006..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)

O4 - HKU\S-1-5-21-2852379324-998045440-989621390-1006..\Run: [fcyyyxaudio] C:\WINDOWS\System32\pmnmml.dll (foobar2000.org)

O4 - HKU\S-1-5-21-2852379324-998045440-989621390-1006..\Run: [MSKAGENTEXE] c:\PROGRA~1\mcafee\SPAMKI~1\mskagent.exe File not found

O4 - HKU\S-1-5-21-2852379324-998045440-989621390-1006..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)

O4 - HKU\.DEFAULT..\RunOnce: [91607778] C:\DOCUME~1\LOCALS~1\LOCALS~1\APPLIC~1\91607778.exe File not found

O4 - HKU\S-1-5-18..\RunOnce: [91607778] C:\DOCUME~1\LOCALS~1\LOCALS~1\APPLIC~1\91607778.exe File not found

O4 - HKLM..\RunOnceEx: [] File not found

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe ()

O4 - Startup: C:\Documents and Settings\Lisa Pratt\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe (Leader Technologies)

O4 - Startup: C:\Documents and Settings\Lisa Pratt\Start Menu\Programs\Startup\PowerReg Scheduler.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2852379324-998045440-989621390-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKU\S-1-5-21-2852379324-998045440-989621390-1006\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)

O15 - HKU\S-1-5-21-2852379324-998045440-989621390-1006\..Trusted Domains: facebook.com ([www] https in Trusted sites)

O15 - HKU\S-1-5-21-2852379324-998045440-989621390-1006\..Trusted Domains: turbotax.com ([]https in Trusted sites)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.0...oUploader55.cab (Facebook Photo Uploader 5 Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)

O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_08)

O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62

O20 - AppInit_DLLs: (C:\WINDOWS\system32\mcafeemn.dll) - C:\WINDOWS\System32\mcafeemn.dll File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)

O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found

O22 - SharedTaskScheduler: {cea2e5cd-e849-427b-80f0-59298caef1c4} - convalescently - C:\WINDOWS\System32\cqsfk.dll File not found

O24 - Desktop WallPaper: C:\Documents and Settings\Lisa Pratt\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lisa Pratt\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O30 - LSA: Authentication Packages - (nnmlii.dll) - C:\WINDOWS\System32\nnmlii.dll (foobar2000.org)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2004/08/10 15:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{751c38a5-b558-11df-8e29-00038a000015}\Shell - "" = AutoRun

O33 - MountPoints2\{751c38a5-b558-11df-8e29-00038a000015}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\J\Shell - "" = AutoRun

O33 - MountPoints2\J\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/21 15:39:26 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lisa Pratt\Desktop\OTL.exe

[2010/10/21 15:27:59 | 000,118,272 | -H-- | C] (foobar2000.org) -- C:\WINDOWS\System32\khifda.dll

[2010/10/21 11:31:27 | 000,118,272 | -H-- | C] (foobar2000.org) -- C:\WINDOWS\System32\xxyvsp.dll

[2010/10/21 10:24:34 | 000,118,272 | -H-- | C] (foobar2000.org) -- C:\WINDOWS\System32\xxvuuu.dll

[2010/10/21 09:25:34 | 000,118,272 | -H-- | C] (foobar2000.org) -- C:\WINDOWS\System32\fccaxy.dll

[2010/10/21 09:08:08 | 000,118,272 | -H-- | C] (foobar2000.org) -- C:\WINDOWS\System32\xxvtro.dll

[2010/10/21 09:07:22 | 000,000,000 | ---D | C] -- C:\Program Files\ISTsvc

[2010/10/21 07:23:43 | 000,118,272 | -H-- | C] (foobar2000.org) -- C:\WINDOWS\System32\pmnmml.dll

[2010/10/21 07:15:16 | 000,118,272 | -H-- | C] (foobar2000.org) -- C:\WINDOWS\System32\opmkhh.dll

[2010/10/20 07:18:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lisa Pratt\Application Data\Malwarebytes

[2010/10/20 07:00:35 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/10/20 07:00:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/10/20 07:00:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2010/10/20 07:00:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/10/20 07:00:12 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Lisa Pratt\Desktop\mbam-setup-1.46.exe

[2010/10/15 21:24:47 | 000,140,288 | ---- | C] (GnuWin32 <http://gnuwin32.sourceforge.net>) -- C:\WINDOWS\System32\pcre3.dll

[2010/10/15 21:24:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe updater

[2010/10/15 21:24:15 | 000,109,056 | -H-- | C] (foobar2000.org) -- C:\WINDOWS\System32\nnmlii.dll

[2010/10/15 21:23:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\AdobeUM

[2010/10/15 21:23:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe

[2010/10/15 21:23:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun

[2010/10/06 14:09:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia

[2010/10/06 14:09:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe

[2010/10/06 09:45:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/10/21 15:39:32 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lisa Pratt\Desktop\OTL.exe

[2010/10/21 15:32:32 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At16.job

[2010/10/21 15:32:32 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At15.job

[2010/10/21 15:32:32 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At14.job

[2010/10/21 15:31:02 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2010/10/21 15:27:59 | 000,118,272 | -H-- | M] (foobar2000.org) -- C:\WINDOWS\System32\khifda.dll

[2010/10/21 12:23:22 | 000,000,725 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/10/21 12:22:27 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At13.job

[2010/10/21 12:22:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT

[2010/10/21 12:22:19 | 526,536,704 | -HS- | M] () -- C:\hiberfil.sys

[2010/10/21 11:31:27 | 000,118,272 | -H-- | M] (foobar2000.org) -- C:\WINDOWS\System32\xxyvsp.dll

[2010/10/21 11:10:14 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At12.job

[2010/10/21 10:24:34 | 000,118,272 | -H-- | M] (foobar2000.org) -- C:\WINDOWS\System32\xxvuuu.dll

[2010/10/21 10:10:13 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At11.job

[2010/10/21 09:25:34 | 000,118,272 | -H-- | M] (foobar2000.org) -- C:\WINDOWS\System32\fccaxy.dll

[2010/10/21 09:23:22 | 000,041,472 | ---- | M] () -- C:\Documents and Settings\Lisa Pratt\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/10/21 09:10:05 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At10.job

[2010/10/21 09:08:08 | 000,118,272 | -H-- | M] (foobar2000.org) -- C:\WINDOWS\System32\xxvtro.dll

[2010/10/21 08:19:00 | 000,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\HOSTS

[2010/10/21 08:12:05 | 000,000,134 | ---- | M] () -- C:\Documents and Settings\Lisa Pratt\Desktop\hostsperm.bat

[2010/10/21 07:23:43 | 000,118,272 | -H-- | M] (foobar2000.org) -- C:\WINDOWS\System32\pmnmml.dll

[2010/10/21 07:15:16 | 000,118,272 | -H-- | M] (foobar2000.org) -- C:\WINDOWS\System32\opmkhh.dll

[2010/10/21 07:13:49 | 000,364,032 | ---- | M] () -- C:\Documents and Settings\Lisa Pratt\Desktop\rkill.com

[2010/10/20 07:00:27 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Lisa Pratt\Desktop\mbam-setup-1.46.exe

[2010/10/20 06:57:35 | 000,000,667 | ---- | M] () -- C:\Documents and Settings\Lisa Pratt\Desktop\Shortcut to iexplore.lnk

[2010/10/19 19:10:02 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At20.job

[2010/10/19 18:41:52 | 000,000,211 | RHS- | M] () -- C:\BOOT.INI

[2010/10/19 18:16:40 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL

[2010/10/18 10:10:28 | 000,013,590 | ---- | M] () -- C:\WINDOWS\System32\235.js

[2010/10/15 21:24:47 | 000,140,288 | ---- | M] (GnuWin32 <http://gnuwin32.sourceforge.net>) -- C:\WINDOWS\System32\pcre3.dll

[2010/10/15 21:24:15 | 000,109,056 | -H-- | M] (foobar2000.org) -- C:\WINDOWS\System32\nnmlii.dll

[2010/10/15 21:10:35 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At22.job

[2010/10/15 21:10:35 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At21.job

[2010/10/15 19:14:08 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At17.job

[2010/10/13 18:10:03 | 000,010,053 | ---- | M] () -- C:\WINDOWS\System32\234.js

[2010/10/13 18:10:03 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At19.job

[2010/10/13 17:10:05 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At18.job

[2010/10/07 20:15:50 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2010/10/06 16:33:24 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At9.job

[2010/10/06 16:33:24 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At8.job

[2010/10/06 16:33:24 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At7.job

[2010/10/06 16:33:24 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At6.job

[2010/10/06 16:33:24 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At5.job

[2010/10/06 16:33:24 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At24.job

[2010/10/06 16:33:24 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At23.job

[2010/10/06 16:33:18 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At4.job

[2010/10/06 16:33:15 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At3.job

[2010/10/06 16:33:14 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At2.job

[2010/10/06 16:33:13 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At1.job

[2010/10/06 15:56:42 | 000,011,264 | ---- | M] () -- C:\WINDOWS\bslcsfjw.exe

[2010/10/06 15:51:12 | 000,249,056 | ---- | M] () -- C:\WINDOWS\System32\Status.MPF

[2010/10/06 15:39:09 | 000,381,692 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT

[2010/10/06 15:39:09 | 000,053,436 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT

[2010/10/06 15:29:22 | 000,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/21 09:02:53 | 526,536,704 | -HS- | C] () -- C:\hiberfil.sys

[2010/10/21 08:12:05 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Lisa Pratt\Desktop\hostsperm.bat

[2010/10/21 07:13:49 | 000,364,032 | ---- | C] () -- C:\Documents and Settings\Lisa Pratt\Desktop\rkill.com

[2010/10/20 07:00:38 | 000,000,725 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/10/20 06:57:35 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\Lisa Pratt\Desktop\Shortcut to iexplore.lnk

[2010/10/18 10:10:28 | 000,013,590 | ---- | C] () -- C:\WINDOWS\System32\235.js

[2010/10/13 17:10:04 | 000,010,053 | ---- | C] () -- C:\WINDOWS\System32\234.js

[2010/10/06 16:33:24 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At24.job

[2010/10/06 16:33:23 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At23.job

[2010/10/06 16:33:23 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At22.job

[2010/10/06 16:33:23 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At21.job

[2010/10/06 16:33:23 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At20.job

[2010/10/06 16:33:22 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At19.job

[2010/10/06 16:33:22 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At18.job

[2010/10/06 16:33:22 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At17.job

[2010/10/06 16:33:22 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At16.job

[2010/10/06 16:33:21 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At15.job

[2010/10/06 16:33:21 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At14.job

[2010/10/06 16:33:21 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At13.job

[2010/10/06 16:33:20 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At9.job

[2010/10/06 16:33:20 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At12.job

[2010/10/06 16:33:20 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At11.job

[2010/10/06 16:33:20 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At10.job

[2010/10/06 16:33:19 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At8.job

[2010/10/06 16:33:19 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At7.job

[2010/10/06 16:33:19 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At6.job

[2010/10/06 16:33:18 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At5.job

[2010/10/06 16:33:17 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At4.job

[2010/10/06 16:33:15 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At3.job

[2010/10/06 16:33:14 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At2.job

[2010/10/06 16:33:12 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\At1.job

[2010/10/06 15:56:42 | 000,011,264 | ---- | C] () -- C:\WINDOWS\bslcsfjw.exe

[2010/10/06 14:09:19 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2010/02/07 22:23:44 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Lisa Pratt\Application Data\ZBWallpaper.bmp

[2009/11/22 20:48:46 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini

[2009/11/11 18:53:05 | 000,076,407 | ---- | C] () -- C:\Documents and Settings\Lisa Pratt\Application Data\Smiley.ico

[2009/01/17 11:41:15 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2008/05/27 20:18:15 | 000,010,593 | ---- | C] () -- C:\WINDOWS\CSTBox.INI

[2008/05/21 22:14:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL

[2008/05/21 22:13:39 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll

[2008/05/21 22:11:26 | 000,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI

[2007/08/26 21:06:10 | 000,000,276 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI

[2005/11/02 21:42:15 | 000,041,472 | ---- | C] () -- C:\Documents and Settings\Lisa Pratt\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2005/05/18 16:35:37 | 000,000,021 | ---- | C] () -- C:\WINDOWS\FxSetDll.INI

[2005/03/31 21:07:46 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll

[2005/03/27 11:35:38 | 000,000,848 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2005/03/08 08:12:36 | 000,001,698 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini

[2005/02/22 20:17:45 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Lisa Pratt\Application Data\PFP120JPR.{PB

[2005/02/22 20:17:45 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Lisa Pratt\Application Data\PFP120JCM.{PB

[2005/02/20 16:53:05 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Lisa Pratt\Local Settings\Application Data\fusioncache.dat

[2005/02/20 16:34:49 | 000,000,952 | ---- | C] () -- C:\WINDOWS\dellstat.ini

[2005/02/20 16:33:11 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\dlbxins.dll

[2005/02/20 16:33:11 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dlbxinsr.dll

[2005/02/20 16:33:10 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbxvs.dll

[2005/02/20 16:33:09 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\dlbxutil.dll

[2005/02/20 16:33:09 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dlbxcu.dll

[2005/02/20 16:33:09 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\dlbxcur.dll

[2005/02/20 16:33:08 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlbxinsb.dll

[2005/02/20 16:33:08 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\dlbxjswr.dll

[2005/02/20 16:33:08 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dlbxcub.dll

[2005/02/08 13:21:05 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2005/02/08 13:13:50 | 000,000,195 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2005/02/08 12:37:58 | 000,000,521 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2004/09/16 02:28:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2004/08/10 15:13:12 | 000,000,788 | ---- | C] () -- C:\WINDOWS\ORUN32.INI

[2004/08/10 15:03:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2004/08/04 07:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll

[2004/08/04 07:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll

[2004/08/04 07:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll

[2004/08/04 07:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll

[2004/08/04 07:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll

[2004/08/04 07:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI

[2000/09/08 16:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll

< End of report >

OTL Extras logfile created on: 10/21/2010 3:39:59 PM - Run 1

OTL by OldTimer - Version 3.2.16.0 Folder = C:\Documents and Settings\Lisa Pratt\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.00 Mb Total Physical Memory | 270.00 Mb Available Physical Memory | 54.00% Memory free

2.00 Gb Paging File | 1.00 Gb Available in Paging File | 70.00% Paging File free

Paging file location(s): C:\pagefile.sys 1200 2000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 71.07 Gb Total Space | 21.41 Gb Free Space | 30.12% Space Free | Partition Type: NTFS

Drive I: | 7.46 Gb Total Space | 0.01 Gb Free Space | 0.14% Space Free | Partition Type: FAT32

Computer Name: D5HXJS61 | User Name: Lisa Pratt | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html [@ = aol_htm] -- C:\Program Files\AOL\Explorer\AOLExplorer.exe (AOL LLC)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- Reg Error: Key error.

http [open] -- "C:\Program Files\AOL\Explorer\AOLExplorer.exe" -u "%1" (AOL LLC)

https [open] -- "C:\Program Files\AOL\Explorer\AOLExplorer.exe" -u "%1" (AOL LLC)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [browse with Paint Shop Pro Studio] -- "C:\Program Files\Jasc Software Inc\Paint Shop Pro Studio\\Paint Shop Pro Studio.exe" "/Browse" "%L" (Jasc Software, Inc.)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"8087:TCP" = 8087:TCP:*:Enabled:cow

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)

"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)

"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- (America Online, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)

"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)

"C:\WINDOWS\SYSTEM32\dlbxcoms.exe" = C:\WINDOWS\SYSTEM32\dlbxcoms.exe:*:Disabled:Dell 962 Server -- (Dell)

"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- (America Online, Inc.)

"C:\WINDOWS\SYSTEM32\USMT\MIGWIZ.EXE" = C:\WINDOWS\SYSTEM32\USMT\MIGWIZ.EXE:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation)

"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.)

"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater -- ()

"C:\Program Files\Kazaa\kazaa.exe" = C:\Program Files\Kazaa\kazaa.exe:*:Enabled:Kazaa -- File not found

"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)

"C:\Program Files\Common Files\AOL\1171534602\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1171534602\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL LLC)

"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe" = C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)

"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)

"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)

"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- File not found

"C:\Program Files\Blubster\Blubster.exe" = C:\Program Files\Blubster\Blubster.exe:*:Enabled:Blubster -- File not found

"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier

"{015E4B8A-29B5-4AE3-BD08-38220FADFF4C}" = aspi

"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour

"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager

"{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}" = Search Settings 1.2.2

"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin

"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE

"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement

"{10E98E14-832C-4AF7-A4D1-6A9EF83B282E}" = VCAMCEN

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP6700D" = Canon iP6700D

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803" = CanoScan 4400F

"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA

"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime

"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD

"{154508C0-07C5-4659-A7A0-E49968750D21}" = HLPPDOCK

"{1D643CD2-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004

"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD

"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 16

"{2A6282FF-B75B-463F-90F5-0A43732F690D}" = Broadcom Management Programs

"{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8

"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page

"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting

"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support

"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5

"{469730CC-78DF-4CD3-B286-562D459EA619}" = ESSCAM

"{48C82F7A-F100-4DAB-A310-8E18BF2159E1}" = ESSvpot

"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool

"{5BF2B19D-9C79-492A-8969-F059F06A627F}" = Print to Fax

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0

"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.3

"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69BD6399-3D8F-45B7-81D9-819361F5101D}" = PCDLNCH

"{6DE13770-01B7-4366-8DA6-48237793F445}" = VoiceOver Kit

"{6E179C77-7335-458D-9537-4F4EAC0181ED}" = Photo Click

"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer

"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03

"{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}" = EarthLink setup files

"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore

"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editon

"{78F79C84-BFD5-4D79-A07D-F39A3CF428DC}" = HLPIndex

"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport

"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper

"{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes

"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 Dell Edition

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5

"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp

"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver

"{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}" = ESSCT

"{8C64E149-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack

"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini

"{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch


Please read the following so that you can begin the cleaning process:

As we don't deal with malware removal in the General Malwarebytes' Anti-Malware Forum, you need to start a topic in the Malware Removal forum so a qualified helper can help you fix any malware related problems/infections you may have.

  • Please read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.
  • After posting your new post, make sure under options, you select Track this topic and choose Immediate Email Notification, so that you're alerted when someone has replied to your post.
  • One of the expert helpers there will give you one-on-one assistance when one becomes available.
  • Please refrain from making any further changes to your computer (Install/Uninstall programs, use special fix tools, delete files, edit the registry, etc...) unless advised by a malware removal helper. Doing so can result in system changes which may hinder the attempts by a helper to clean your machine.
  • Note: You will need to reactivate the program using the license you were sent via email if using the Pro version.

NOTE: Please DO NOT post back to (bump) your topic within the first 48 hours.

Replying to your own posts changes the post count and helpers are looking for topics with zero replies. If you reply to your own post helpers may think that you're already being helped and thus overlook your post.

    • If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.
      Or
    • You may send a Private Message to a Moderator asking for assistance.

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org or here.

Please be patient, someone will assist you as soon as it is possible.

This topic is now closed to further replies.