Jump to content

updated hijack log advice appreciated


Recommended Posts

Hi Matt,done as instructed above in instruction 25! reboot didnt run automatically after it said to reboot after the run fix so i restarted through clicking start! the computer sounds better as its running!

here are the text and extra logs also on the OTL it says extra registry and it is always switches to none when i load OTL its always on NONE when should this say this as i have to click it on to USE SAFE LIST i put i on USE SAFE LIST FOR RUN FIX AND RUN SCAN is this ok to do on the RUN FIX??

OTL logfile created on: 29/04/2011 02:35:19 - Run 3

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Heather\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1,014.00 Mb Total Physical Memory | 459.00 Mb Available Physical Memory | 45.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 81.00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 111.79 Gb Total Space | 86.45 Gb Free Space | 77.33% Space Free | Partition Type: NTFS

Computer Name: ALLEYCAT | User Name: Heather | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Heather\desktop\OTL.exe (OldTimer Tools)

PRC - C:\Documents and Settings\Heather\Local Settings\Application Data\Google\Update\1.3.21.53\GoogleCrashHandler.exe (Google Inc.)

PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)

PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

PRC - C:\Documents and Settings\All Users\Application Data\Badoo\Badoo Desktop\1.3.12.904\Badoo.Desktop.exe (Badoo)

PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)

PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)

PRC - C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)

PRC - C:\Program Files\T-Mobile\Mobile Broadband Manager\UIExec.exe ()

PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)

PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

PRC - C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)

PRC - C:\Program Files\Toshiba\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)

PRC - C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA)

PRC - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe (TOSHIBA Corp.)

PRC - C:\Program Files\Virgin Mobile\Broadband Home\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)

PRC - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)

PRC - C:\WINDOWS\system32\acs.exe (Atheros)

PRC - C:\WINDOWS\system32\TODDSrv.exe (TOSHIBA Corporation)

PRC - C:\Program Files\Toshiba\TOSHIBA Direct Disc Writer\DDWMon.exe (TOSHIBA Corporation)

PRC - C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)

PRC - C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Heather\desktop\OTL.exe (OldTimer Tools)

MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (SBAMSvc) -- File not found

SRV - (avg8wd) -- File not found

SRV - (avg8emc) -- File not found

SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

SRV - (VmbService) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)

SRV - (UI Assistant Service) -- C:\Program Files\T-Mobile\Mobile Broadband Manager\AssistantServices.exe ()

SRV - (IAANTMON) Intel® -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)

SRV - (TAPPSRV) -- C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe (TOSHIBA Corp.)

SRV - (TOSHIBA Bluetooth Service) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)

SRV - (ACS) -- C:\WINDOWS\system32\acs.exe (Atheros)

SRV - (TODDSrv) -- C:\WINDOWS\system32\TODDSrv.exe (TOSHIBA Corporation)

SRV - (CFSvcs) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)

========== Driver Services (SafeList) ==========

DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)

DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)

DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)

DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)

DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)

DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)

DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)

DRV - (ZTEusbnet) -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys (ZTE Corporation)

DRV - (ZTEusbvoice) -- C:\WINDOWS\system32\drivers\zteusbvoice.sys (ZTE Incorporated)

DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated)

DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated)

DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)

DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (MBB Incorporated)

DRV - (vodafone_K380x-z_dc_enum) -- C:\WINDOWS\system32\drivers\vodafone_K380x-z_dc_enum.sys (Vodafone)

DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)

DRV - (SBRE) -- C:\WINDOWS\system32\drivers\sbredrv.sys (Sunbelt Software)

DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

DRV - (RSUSBSTOR) -- C:\WINDOWS\system32\drivers\RTS5121.sys (Realtek Semiconductor Corp.)

DRV - (tos_sps32) -- C:\WINDOWS\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)

DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )

DRV - (UVCFTR) -- C:\WINDOWS\system32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)

DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)

DRV - (FwLnk) -- C:\WINDOWS\system32\drivers\FwLnk.sys (TOSHIBA Corporation)

DRV - (tdudf) -- C:\WINDOWS\system32\drivers\tdudf.sys (TOSHIBA Corporation)

DRV - (trudf) -- C:\WINDOWS\system32\drivers\trudf.sys (TOSHIBA Corporation)

DRV - (tosrfec) -- C:\WINDOWS\system32\drivers\tosrfec.sys (TOSHIBA Corporation)

DRV - (tdcmdpst) -- C:\WINDOWS\system32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)

DRV - (Netdevio) -- C:\WINDOWS\system32\drivers\Netdevio.sys (TOSHIBA Corporation.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie'>http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"

FF - prefs.js..browser.search.defaultthis.engineName: "Feboz Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://uk.search.yahoo.com/search?fr=ffsp1&p="

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"

FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"

FF - prefs.js..browser.search.param.yahoo-type: "${8}"

FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://uk.yahoo.com"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: npfax@microgaming.co.uk:2.1.0.19

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1319

FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4daaca17&v=6.103.018.001&i=26&tp=ab&iy=&ychte=us&lng=en-US&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/04/25 21:02:19 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/26 04:57:32 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/18 04:16:10 | 000,000,000 | ---D | M]

[2009/06/30 10:52:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Heather\Application Data\Mozilla\Extensions

[2011/04/19 00:36:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\extensions

[2011/04/19 00:34:21 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

[2011/04/16 13:56:46 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(2)

[2010/09/15 20:53:53 | 000,000,557 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\searchplugins\bing.xml

[2010/02/04 05:06:36 | 000,000,913 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\searchplugins\conduit.xml

[2011/04/24 13:11:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2010/08/04 15:16:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/10/23 03:33:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2010/12/24 01:39:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011/04/25 11:10:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

File not found (No name found) --

[2011/04/25 21:02:19 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

[2009/06/24 08:39:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

[2011/03/18 18:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll

[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2009/05/12 17:26:34 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll

[2010/03/08 11:24:04 | 000,103,168 | ---- | M] (Midasplayer Ltd) -- C:\Program Files\Mozilla Firefox\plugins\npmidas.dll

[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/04/22 08:07:12 | 000,432,016 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 www.1000gratisproben.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 www.1001namen.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.10sek.com

O1 - Hosts: 127.0.0.1 www.1-2005-search.com

O1 - Hosts: 127.0.0.1 1-2005-search.com

O1 - Hosts: 127.0.0.1 123fporn.info

O1 - Hosts: 14894 more lines...

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)

O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\Virgin Mobile\Broadband Home\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)

O4 - HKLM..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe ()

O4 - HKLM..\Run: [Google EULA Launcher] C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe (Google)

O4 - HKLM..\Run: [iTSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)

O4 - HKLM..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)

O4 - HKLM..\Run: [NDSTray.exe] File not found

O4 - HKLM..\Run: [smoothView] C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA)

O4 - HKLM..\Run: [uIExec] C:\Program Files\T-Mobile\Mobile Broadband Manager\UIExec.exe ()

O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)

O4 - HKCU..\Run: [badoo Desktop] C:\Documents and Settings\All Users\Application Data\Badoo\Badoo Desktop\1.3.12.904\Badoo.Desktop.exe (Badoo)

O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)

O4 - HKCU..\Run: [Mobile Partner] C:\Program Files\Virgin Mobile\Broadband Home\VIRGIN MOBILE BROADBAND HOME.exe ()

O4 - HKCU..\Run: [search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)

O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O9 - Extra Button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - Reg Error: Value error. File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)

O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab (BatchDownloader Class)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008/09/19 07:27:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{4e1cfec0-1531-11e0-8828-001e338b062b}\Shell - "" = AutoRun

O33 - MountPoints2\{4e1cfec0-1531-11e0-8828-001e338b062b}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{4e1cfec0-1531-11e0-8828-001e338b062b}\Shell\AutoRun\command - "" = D:\AutoRun.exe

O33 - MountPoints2\{9cfd3796-677b-11e0-88c8-002163bf0b3f}\Shell - "" = AutoRun

O33 - MountPoints2\{9cfd3796-677b-11e0-88c8-002163bf0b3f}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{9cfd3796-677b-11e0-88c8-002163bf0b3f}\Shell\AutoRun\command - "" = D:\setup_vmb_lite.exe /checkApplicationPresence

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/29 01:20:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Badoo

[2011/04/27 17:48:20 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Heather\Desktop\OTL.exe

[2011/04/26 22:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\licenses

[2011/04/26 22:02:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\PCMM2009

[2011/04/26 22:02:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\PCMM2011

[2011/04/26 21:55:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpeedyPC

[2011/04/26 21:55:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC

[2011/04/26 21:55:02 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedyPC

[2011/04/26 21:42:46 | 000,000,000 | ---D | C] -- C:\Drivers

[2011/04/26 05:47:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011/04/26 05:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/04/26 05:46:52 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2011/04/26 04:17:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Start Menu\Programs\HiJackThis

[2011/04/26 04:17:39 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2011/04/25 21:02:41 | 000,307,288 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2011/04/25 21:02:41 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2011/04/25 21:02:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus

[2011/04/25 21:02:37 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2011/04/25 21:02:37 | 000,102,488 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2011/04/25 21:02:37 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2011/04/25 21:02:37 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2011/04/25 21:02:37 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2011/04/25 21:02:37 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2011/04/25 21:02:16 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2011/04/25 21:02:16 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2011/04/25 16:44:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RegWork

[2011/04/25 11:41:49 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software

[2011/04/25 11:41:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

[2011/04/25 11:10:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Heather\Recent

[2011/04/25 11:10:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Start Menu\Programs\Glarysoft

[2011/04/25 11:10:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe

[2011/04/25 05:50:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe(2)

[2011/04/24 13:11:11 | 000,139,264 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2011/04/24 13:11:10 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2011/04/24 13:11:10 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2011/04/24 13:08:34 | 000,069,632 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl

[2011/04/23 21:43:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU

[2011/04/23 21:43:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\AVS4YOU

[2011/04/23 21:43:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Start Menu\Programs\AVS4YOU

[2011/04/23 21:42:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVS4YOU

[2011/04/23 21:42:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia

[2011/04/23 21:42:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel

[2011/04/23 21:38:08 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll

[2011/04/23 21:38:08 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU

[2011/04/23 20:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\My Documents\stereo_files

[2011/04/18 13:47:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy

[2011/04/18 13:46:39 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy

[2011/04/18 13:46:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

[2011/04/18 13:33:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\My Documents\My Google Gadgets

[2011/04/18 04:51:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Start Menu\Programs\Google Chrome

[2011/04/18 04:00:52 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com

[2011/04/18 03:10:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools

[2011/04/17 11:51:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinMaximizer

[2011/04/17 10:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\ErrorExpert

[2011/04/16 14:16:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Vodafone

[2011/04/16 14:16:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Vodafone

[2011/04/16 14:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone

[2011/04/16 14:01:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\FLEXnet

[2011/04/16 14:00:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet

[2011/04/16 14:00:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Local Settings\Application Data\{F3E8BCCE-24B6-4737-920E-0D6073630E2A}

[2011/04/16 13:58:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang

[2011/04/16 13:58:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\AVG

[2011/04/16 13:58:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC Tuneup 2011

[2011/04/16 13:53:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\T-Mobile Mobile Broadband Manager

[2011/04/16 05:21:18 | 000,000,000 | ---D | C] -- C:\Program Files\Camera Assistant Software for Gateway

[2011/04/16 05:16:54 | 000,000,000 | ---D | C] -- C:\cabs

[2011/04/15 22:39:13 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll

[2011/04/15 22:39:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll

[2011/04/15 22:39:12 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll

[2011/04/15 22:39:11 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll

[2011/04/15 22:39:11 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll

[2011/04/15 22:39:11 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll

[2011/04/15 22:39:09 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll

[2011/04/15 22:39:08 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe

[2011/04/15 22:39:05 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl

[2011/04/15 17:22:38 | 000,114,688 | R--- | C] (ZTE Corporation) -- C:\WINDOWS\System32\drivers\ZTEusbnet.sys

[2011/04/15 17:22:29 | 000,105,856 | R--- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zteusbvoice.sys

[2011/04/15 17:22:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\Vodafone

[2011/04/15 17:21:39 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll

[2008/09/19 08:26:21 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/29 02:32:35 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\AWC AutoSweep.job

[2011/04/29 02:32:35 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\WinMaximizer-Heather-Startup.job

[2011/04/29 02:32:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/04/29 02:32:07 | 1063,202,816 | -HS- | M] () -- C:\hiberfil.sys

[2011/04/29 02:02:07 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2577866921-869302320-1379617784-1007UA.job

[2011/04/28 04:45:02 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\SpeedyPC.job

[2011/04/28 00:33:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job

[2011/04/27 20:02:04 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2577866921-869302320-1379617784-1007Core.job

[2011/04/27 18:00:00 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job

[2011/04/27 17:48:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Heather\Desktop\OTL.exe

[2011/04/27 17:00:06 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\SpeedyPC Program Check.job

[2011/04/27 03:13:11 | 000,002,451 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\HiJackThis.lnk

[2011/04/26 05:47:02 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/04/26 01:15:33 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk

[2011/04/25 21:02:42 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk

[2011/04/25 21:02:37 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2011/04/25 17:08:02 | 000,000,318 | ---- | M] () -- C:\WINDOWS\tasks\Regwork.job

[2011/04/24 17:24:29 | 000,063,202 | ---- | M] () -- C:\Documents and Settings\Heather\My Documents\cc_20110424_172409.reg

[2011/04/23 21:55:04 | 000,029,566 | ---- | M] () -- C:\Documents and Settings\Heather\My Documents\$(KGrHqMOKpwE1rGE0vihBNry+g)Qbg~~_12.JPG

[2011/04/23 21:43:33 | 000,000,946 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\AVS4YOU Software Navigator.lnk

[2011/04/23 21:42:49 | 000,000,890 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\AVS Image Converter.lnk

[2011/04/23 20:59:52 | 000,003,680 | ---- | M] () -- C:\Documents and Settings\Heather\My Documents\stereo.htm

[2011/04/23 20:00:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\Registry Winner Schedule.job

[2011/04/22 08:07:12 | 000,432,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2011/04/22 04:24:43 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\Update Checker.lnk

[2011/04/21 21:51:27 | 000,432,016 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110422-080712.backup

[2011/04/20 19:41:47 | 000,431,550 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110421-215127.backup

[2011/04/19 18:00:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Pareto UNS.job

[2011/04/19 02:43:23 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk

[2011/04/19 02:43:23 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk

[2011/04/19 00:40:34 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/04/18 18:25:12 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2011/04/18 18:25:10 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2011/04/18 18:17:46 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2011/04/18 18:17:34 | 000,307,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2011/04/18 18:16:18 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2011/04/18 18:16:06 | 000,102,488 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2011/04/18 18:16:02 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2011/04/18 18:13:21 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2011/04/18 18:13:02 | 000,030,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2011/04/18 18:12:58 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2011/04/18 14:44:27 | 000,006,666 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110418-144428.backup

[2011/04/18 13:47:20 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk

[2011/04/18 13:47:19 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\Spybot - Search & Destroy.lnk

[2011/04/18 04:51:18 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2011/04/18 04:16:25 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2011/04/18 04:16:25 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

[2011/04/18 03:16:06 | 000,618,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB

[2011/04/16 14:16:11 | 000,001,982 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SMS.lnk

[2011/04/16 14:16:11 | 000,001,911 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Vodafone Mobile Broadband.lnk

[2011/04/16 14:05:18 | 000,243,128 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011/04/16 13:14:43 | 000,006,921 | ---- | M] () -- C:\NetworkCfg.xml

[2011/04/16 09:33:49 | 000,546,012 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/04/16 09:33:49 | 000,110,678 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/04/15 17:21:44 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_vodafone_K380x-z_dc_enum_01009.Wdf

[2011/04/15 17:21:43 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/26 21:55:13 | 000,000,402 | ---- | C] () -- C:\WINDOWS\tasks\SpeedyPC Program Check.job

[2011/04/26 21:55:12 | 000,000,386 | ---- | C] () -- C:\WINDOWS\tasks\SpeedyPC.job

[2011/04/26 05:47:02 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/04/26 04:17:41 | 000,002,451 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\HiJackThis.lnk

[2011/04/25 21:02:42 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk

[2011/04/25 16:44:59 | 000,000,318 | ---- | C] () -- C:\WINDOWS\tasks\Regwork.job

[2011/04/24 17:24:15 | 000,063,202 | ---- | C] () -- C:\Documents and Settings\Heather\My Documents\cc_20110424_172409.reg

[2011/04/23 21:43:33 | 000,000,946 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\AVS4YOU Software Navigator.lnk

[2011/04/23 21:42:49 | 000,000,890 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\AVS Image Converter.lnk

[2011/04/23 20:59:52 | 000,029,566 | ---- | C] () -- C:\Documents and Settings\Heather\My Documents\$(KGrHqMOKpwE1rGE0vihBNry+g)Qbg~~_12.JPG

[2011/04/23 20:59:51 | 000,003,680 | ---- | C] () -- C:\Documents and Settings\Heather\My Documents\stereo.htm

[2011/04/19 02:43:23 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk

[2011/04/18 13:47:19 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk

[2011/04/18 13:47:19 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\Spybot - Search & Destroy.lnk

[2011/04/18 04:51:18 | 000,002,278 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2011/04/18 04:16:25 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk

[2011/04/18 04:11:15 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk

[2011/04/18 04:11:14 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk

[2011/04/18 04:00:54 | 000,001,638 | ---- | C] () -- C:\Documents and Settings\Heather\Start Menu\Programs\Update Checker.lnk

[2011/04/18 04:00:53 | 000,001,632 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\Update Checker.lnk

[2011/04/18 03:15:38 | 000,618,686 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB

[2011/04/17 11:52:11 | 000,000,312 | ---- | C] () -- C:\WINDOWS\tasks\WinMaximizer-Heather-Startup.job

[2011/04/16 14:16:11 | 000,001,982 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SMS.lnk

[2011/04/16 14:16:11 | 000,001,911 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Vodafone Mobile Broadband.lnk

[2011/04/15 17:21:44 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_vodafone_K380x-z_dc_enum_01009.Wdf

[2011/04/15 17:21:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf

[2011/03/12 15:49:50 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll

[2011/01/10 18:26:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat

[2010/08/11 11:43:50 | 000,159,464 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceManager.xml.rc4

[2010/08/04 21:31:03 | 000,000,156 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\wklnhst.dat

[2010/06/10 11:19:57 | 000,000,022 | ---- | C] () -- C:\WINDOWS\popcinfot.dat

[2010/03/21 10:50:34 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\Heather\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/12/01 00:19:15 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\Launch Internet Explorer Browser.lnk

[2009/10/19 03:14:13 | 000,002,301 | ---- | C] () -- C:\WINDOWS\mozver.dat

[2009/09/14 23:33:33 | 011,551,264 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2009/09/14 23:33:33 | 000,137,248 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat

[2009/09/14 21:45:39 | 000,048,492 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2009/05/14 01:30:54 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2009/04/21 03:50:35 | 000,032,608 | ---- | C] () -- C:\WINDOWS\king-uninstall.exe

[2009/04/17 17:45:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2008/09/19 09:16:16 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2008/09/19 08:57:08 | 000,000,563 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini

[2008/09/19 08:26:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI

[2008/09/19 08:21:11 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2008/09/19 08:20:28 | 000,243,128 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2008/09/19 08:10:02 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll

[2008/09/19 07:52:08 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll

[2008/09/19 07:51:47 | 000,159,744 | ---- | C] () -- C:\WINDOWS\MakeMrk.exe

[2008/09/19 07:51:47 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2008/09/19 07:30:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2008/09/19 07:25:57 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2008/09/19 06:15:15 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2008/09/19 06:15:14 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2008/09/19 06:15:14 | 000,546,012 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2008/09/19 06:15:14 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2008/09/19 06:15:14 | 000,110,678 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2008/09/19 06:15:14 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2008/09/19 06:15:14 | 000,004,631 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2008/09/19 06:15:14 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2008/09/19 06:15:13 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2008/09/19 06:15:13 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2008/09/19 06:15:09 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2008/09/19 06:15:09 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

[2007/12/21 16:46:32 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll

[2005/07/22 21:30:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll

========== LOP Check ==========

[2011/04/16 13:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\AVG

[2010/12/18 00:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\AVG10

[2010/04/16 22:43:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1

[2010/08/02 15:13:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\DriverCure

[2011/04/17 10:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\ErrorExpert

[2011/04/18 03:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\GlarySoft

[2009/12/27 12:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\IObit

[2011/04/26 22:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\licenses

[2010/04/18 23:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Mysteryville2

[2010/08/03 02:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\ParetoLogic

[2011/04/26 22:04:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\PCMM2009

[2011/04/26 22:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\PCMM2011

[2010/08/04 21:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Template

[2010/09/29 14:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Toshiba

[2011/02/17 04:21:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Uniblue

[2011/04/15 17:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Vodafone

[2011/04/25 21:02:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

[2011/04/25 11:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10

[2009/11/27 05:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9

[2011/04/29 01:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Badoo

[2009/09/14 18:47:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cached Installations

[2010/12/18 00:46:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2009/09/14 22:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations

[2010/09/10 17:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure

[2010/08/02 04:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner

[2010/02/24 02:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit

[2011/04/25 11:30:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2010/10/13 18:52:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic

[2009/09/14 22:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic Anti-Spyware

[2009/09/14 23:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic Anti-Virus PLUS

[2009/11/19 02:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters

[2010/08/01 18:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop

[2010/05/01 19:35:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games

[2011/04/25 16:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegWork

[2011/04/26 21:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC

[2011/04/18 03:45:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2008/09/25 09:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TOSHIBA

[2011/04/16 14:16:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vodafone

[2011/04/17 11:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinMaximizer

[2008/09/25 09:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}

[2010/08/02 04:30:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}

[2009/04/21 10:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

[2011/04/29 02:32:35 | 000,000,378 | ---- | M] () -- C:\WINDOWS\Tasks\AWC AutoSweep.job

[2011/04/19 18:00:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\Tasks\Pareto UNS.job

[2011/04/27 18:00:00 | 000,000,444 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job

[2011/04/28 00:33:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version2.job

[2011/04/23 20:00:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\Registry Winner Schedule.job

[2011/04/25 17:08:02 | 000,000,318 | ---- | M] () -- C:\WINDOWS\Tasks\Regwork.job

[2011/04/27 17:00:06 | 000,000,402 | ---- | M] () -- C:\WINDOWS\Tasks\SpeedyPC Program Check.job

[2011/04/28 04:45:02 | 000,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\SpeedyPC.job

[2009/04/27 02:42:33 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\System Restore.job

[2011/04/29 02:32:35 | 000,000,312 | ---- | M] () -- C:\WINDOWS\Tasks\WinMaximizer-Heather-Startup.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\wupdmgr.exe:SummaryInformation

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84

@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >

OTL Extras logfile created on: 29/04/2011 02:35:19 - Run 3

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Heather\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1,014.00 Mb Total Physical Memory | 459.00 Mb Available Physical Memory | 45.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 81.00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 111.79 Gb Total Space | 86.45 Gb Free Space | 77.33% Space Free | Partition Type: NTFS

Computer Name: ALLEYCAT | User Name: Heather | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Toshiba\ConfigFree\NDSTray.exe" = C:\Program Files\Toshiba\ConfigFree\NDSTray.exe:*:Enabled:ConfigFree Tray -- (TOSHIBA CORPORATION)

"C:\Program Files\Toshiba\ConfigFree\CFXFER.exe" = C:\Program Files\Toshiba\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine -- (TOSHIBA CORPORATION)

"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)

"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger

"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack

"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour

"{117CD9C0-0F15-4633-93D7-F957B50535A5}" = Popup Blocker (Windows Live Toolbar)

"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works

"{16E8BF9A-B419-4A44-A020-30F8CFB84B9D}" = Atheros Client Utility

"{1707BF02-0F5C-4A6C-8F17-053BB73E443F}" = Tabbed Browsing (Windows Live Toolbar)

"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer

"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java 6 Update 6

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3560CE5A-C4EF-4DB0-9ECC-BA035FE309C5}" = MSN Toolbar

"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba

"{38024121-D084-4E7D-B1A2-1A04CB5C4CF3}" = Windows Live Toolbar Feed Detector (Windows Live Toolbar)

"{400830CA-F056-4BBE-80A3-9DF9CA4FB889}" = TOSHIBA Direct Disc Writer

"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3

"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator

"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail

"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zooming Utility

"{645D6B69-6456-442D-94D6-85F0636ED258}" = Badoo Desktop

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel

Link to post
Share on other sites

  • Replies 132
  • Created
  • Last Reply

Top Posters In This Topic

just to let u know that pages on the net keep freezing just like last time when i ran the fix before!!!! is this normal to act this way at this stage of the process of cleaning??? thank you matt also i wont restore or run hijack until you say and just to let u know i exited tea timer exe by clicking on exit spybot but when i rebooted it was back in the system tray the icon looks like a sheet of paper with a silver padlock on it!!! dont know how to get rid of it as i went to program files to try and delete it and it said i might not able to operate other programs that spybot is using something to that effect so i didnt delete it on program files :) shall i delete it?

Link to post
Share on other sites

Hi Alison,

Try disabling TeaTimer by:

  • Launch Spybot Search & Destroy icon_Spybot_-_Search_and_Destroy.png
  • In the Menu, Select Mode and choose Advanced Mode
  • Click Yes in the confirmation dialogue box
  • click on Tools to expand the menu. Make sure that Resident is checked and then click Resident in the left pane.
  • In the right pane uncheck Resident "Tea timer" (Protection of over-all system settings) to disable it.
  • Uncheck the TeaTimer box and OK any prompts.
  • If Teatimer gives you a warning that changes were made, click the "Allow Change" box when prompted.
  • Exit Spybot S&D when done.
  • (Once you are clean, you can re-enable Teatimer using the same steps but this time place a check next to "Resident TeaTimer" and check the "TeaTimer" box in System Startup.]

Launch Malwarebytes' Anti-Malware

  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked , and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Link to post
Share on other sites

Try disabling TeaTimer by:

  • Launch Spybot Search & Destroy icon_Spybot_-_Search_and_Destroy.png
  • In the Menu, Select Mode and choose Advanced Mode
  • Click Yes in the confirmation dialogue box
  • click on Tools to expand the menu. Make sure that Resident is checked and then click Resident in the left pane.
  • In the right pane uncheck Resident "Tea timer" (Protection of over-all system settings) to disable it.
  • Uncheck the TeaTimer box and OK any prompts.

this is where i get stuck as no ok prompts come up after i uncheck the tea timer box or allow change so do i just click the red X box at top right of screen to exit it as instructed???

Link to post
Share on other sites

i unchecked resident tea timer!!!

your next command is to uncheck tea timer box!!! is that the one in the system tray?

Link to post
Share on other sites

ok i think all i had to do with spybot was uncheck tea timer at then end of instructions and close spybot :) now here is my malware log

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6460

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

29/04/2011 17:06:52

mbam-log-2011-04-29 (17-06-52).txt

Scan type: Quick scan

Objects scanned: 206655

Time elapsed: 7 minute(s), 28 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

OTL logfile created on: 30/04/2011 14:47:41 - Run 3

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Heather\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1,014.00 Mb Total Physical Memory | 491.00 Mb Available Physical Memory | 48.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 80.00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 111.79 Gb Total Space | 86.35 Gb Free Space | 77.25% Space Free | Partition Type: NTFS

Drive D: | 44.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: ALLEYCAT | User Name: Heather | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Heather\desktop\OTL.exe (OldTimer Tools)

PRC - C:\Documents and Settings\Heather\Local Settings\Application Data\Google\Update\1.3.21.53\GoogleCrashHandler.exe (Google Inc.)

PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)

PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

PRC - C:\Documents and Settings\All Users\Application Data\Badoo\Badoo Desktop\1.3.12.904\Badoo.Desktop.exe (Badoo)

PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)

PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)

PRC - C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)

PRC - C:\Program Files\T-Mobile\Mobile Broadband Manager\UIExec.exe ()

PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)

PRC - C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)

PRC - C:\Program Files\Toshiba\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)

PRC - C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA)

PRC - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe (TOSHIBA Corp.)

PRC - C:\Program Files\Virgin Mobile\Broadband Home\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)

PRC - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)

PRC - C:\WINDOWS\system32\acs.exe (Atheros)

PRC - C:\WINDOWS\system32\TODDSrv.exe (TOSHIBA Corporation)

PRC - C:\Program Files\Toshiba\TOSHIBA Direct Disc Writer\DDWMon.exe (TOSHIBA Corporation)

PRC - C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)

PRC - C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Heather\desktop\OTL.exe (OldTimer Tools)

MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (SBAMSvc) -- File not found

SRV - (avg8wd) -- File not found

SRV - (avg8emc) -- File not found

SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

SRV - (VmbService) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)

SRV - (UI Assistant Service) -- C:\Program Files\T-Mobile\Mobile Broadband Manager\AssistantServices.exe ()

SRV - (IAANTMON) Intel® -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)

SRV - (TAPPSRV) -- C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe (TOSHIBA Corp.)

SRV - (TOSHIBA Bluetooth Service) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)

SRV - (ACS) -- C:\WINDOWS\system32\acs.exe (Atheros)

SRV - (TODDSrv) -- C:\WINDOWS\system32\TODDSrv.exe (TOSHIBA Corporation)

SRV - (CFSvcs) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)

========== Driver Services (SafeList) ==========

DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)

DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)

DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)

DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)

DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)

DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)

DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)

DRV - (ZTEusbnet) -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys (ZTE Corporation)

DRV - (ZTEusbvoice) -- C:\WINDOWS\system32\drivers\zteusbvoice.sys (ZTE Incorporated)

DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated)

DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated)

DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)

DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (MBB Incorporated)

DRV - (vodafone_K380x-z_dc_enum) -- C:\WINDOWS\system32\drivers\vodafone_K380x-z_dc_enum.sys (Vodafone)

DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)

DRV - (SBRE) -- C:\WINDOWS\system32\drivers\sbredrv.sys (Sunbelt Software)

DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

DRV - (RSUSBSTOR) -- C:\WINDOWS\system32\drivers\RTS5121.sys (Realtek Semiconductor Corp.)

DRV - (tos_sps32) -- C:\WINDOWS\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)

DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )

DRV - (UVCFTR) -- C:\WINDOWS\system32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)

DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)

DRV - (FwLnk) -- C:\WINDOWS\system32\drivers\FwLnk.sys (TOSHIBA Corporation)

DRV - (tdudf) -- C:\WINDOWS\system32\drivers\tdudf.sys (TOSHIBA Corporation)

DRV - (trudf) -- C:\WINDOWS\system32\drivers\trudf.sys (TOSHIBA Corporation)

DRV - (tosrfec) -- C:\WINDOWS\system32\drivers\tosrfec.sys (TOSHIBA Corporation)

DRV - (tdcmdpst) -- C:\WINDOWS\system32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)

DRV - (Netdevio) -- C:\WINDOWS\system32\drivers\Netdevio.sys (TOSHIBA Corporation.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie'>http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"

FF - prefs.js..browser.search.defaultthis.engineName: "Feboz Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://uk.search.yahoo.com/search?fr=ffsp1&p="

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"

FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"

FF - prefs.js..browser.search.param.yahoo-type: "${8}"

FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://uk.yahoo.com"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: npfax@microgaming.co.uk:2.1.0.19

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1319

FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4daaca17&v=6.103.018.001&i=26&tp=ab&iy=&ychte=us&lng=en-US&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/04/25 21:02:19 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/26 04:57:32 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/18 04:16:10 | 000,000,000 | ---D | M]

[2009/06/30 10:52:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Heather\Application Data\Mozilla\Extensions

[2011/04/19 00:36:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\extensions

[2011/04/19 00:34:21 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

[2011/04/16 13:56:46 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(2)

[2010/09/15 20:53:53 | 000,000,557 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\searchplugins\bing.xml

[2010/02/04 05:06:36 | 000,000,913 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\searchplugins\conduit.xml

[2011/04/24 13:11:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2010/08/04 15:16:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/10/23 03:33:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2010/12/24 01:39:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011/04/25 11:10:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

File not found (No name found) --

[2011/04/25 21:02:19 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

[2009/06/24 08:39:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

[2011/03/18 18:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll

[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2009/05/12 17:26:34 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll

[2010/03/08 11:24:04 | 000,103,168 | ---- | M] (Midasplayer Ltd) -- C:\Program Files\Mozilla Firefox\plugins\npmidas.dll

[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/04/22 08:07:12 | 000,432,016 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 www.1000gratisproben.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 www.1001namen.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.10sek.com

O1 - Hosts: 127.0.0.1 www.1-2005-search.com

O1 - Hosts: 127.0.0.1 1-2005-search.com

O1 - Hosts: 127.0.0.1 123fporn.info

O1 - Hosts: 14894 more lines...

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)

O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\Virgin Mobile\Broadband Home\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)

O4 - HKLM..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe ()

O4 - HKLM..\Run: [Google EULA Launcher] C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe (Google)

O4 - HKLM..\Run: [iTSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)

O4 - HKLM..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)

O4 - HKLM..\Run: [NDSTray.exe] File not found

O4 - HKLM..\Run: [smoothView] C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA)

O4 - HKLM..\Run: [uIExec] C:\Program Files\T-Mobile\Mobile Broadband Manager\UIExec.exe ()

O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)

O4 - HKCU..\Run: [badoo Desktop] C:\Documents and Settings\All Users\Application Data\Badoo\Badoo Desktop\1.3.12.904\Badoo.Desktop.exe (Badoo)

O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)

O4 - HKCU..\Run: [Mobile Partner] C:\Program Files\Virgin Mobile\Broadband Home\VIRGIN MOBILE BROADBAND HOME.exe ()

O4 - HKCU..\Run: [search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O9 - Extra Button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - Reg Error: Value error. File not found

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)

O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab (BatchDownloader Class)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.203.65.68 10.203.65.68

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008/09/19 07:27:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2010/09/13 23:45:26 | 000,000,120 | R--- | M] () - D:\autorun.inf -- [ CDFS ]

O33 - MountPoints2\{4e1cfec0-1531-11e0-8828-001e338b062b}\Shell - "" = AutoRun

O33 - MountPoints2\{4e1cfec0-1531-11e0-8828-001e338b062b}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{4e1cfec0-1531-11e0-8828-001e338b062b}\Shell\AutoRun\command - "" = D:\AutoRun.exe

O33 - MountPoints2\{9cfd3796-677b-11e0-88c8-002163bf0b3f}\Shell - "" = AutoRun

O33 - MountPoints2\{9cfd3796-677b-11e0-88c8-002163bf0b3f}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{9cfd3796-677b-11e0-88c8-002163bf0b3f}\Shell\AutoRun\command - "" = D:\setup_vmb_lite.exe -- [2010/07/08 12:14:50 | 000,274,432 | R--- | M] (Vodafone)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/29 01:20:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Badoo

[2011/04/27 17:48:20 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Heather\Desktop\OTL.exe

[2011/04/26 22:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\licenses

[2011/04/26 22:02:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\PCMM2009

[2011/04/26 22:02:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\PCMM2011

[2011/04/26 21:55:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpeedyPC

[2011/04/26 21:55:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC

[2011/04/26 21:55:02 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedyPC

[2011/04/26 21:42:46 | 000,000,000 | ---D | C] -- C:\Drivers

[2011/04/26 05:47:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011/04/26 05:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/04/26 05:46:52 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2011/04/26 04:17:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Start Menu\Programs\HiJackThis

[2011/04/26 04:17:39 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2011/04/25 21:02:41 | 000,307,288 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2011/04/25 21:02:41 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2011/04/25 21:02:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus

[2011/04/25 21:02:37 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2011/04/25 21:02:37 | 000,102,488 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2011/04/25 21:02:37 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2011/04/25 21:02:37 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2011/04/25 21:02:37 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2011/04/25 21:02:37 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2011/04/25 21:02:16 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2011/04/25 21:02:16 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2011/04/25 16:44:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RegWork

[2011/04/25 11:41:49 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software

[2011/04/25 11:41:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

[2011/04/25 11:10:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Heather\Recent

[2011/04/25 11:10:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Start Menu\Programs\Glarysoft

[2011/04/25 11:10:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe

[2011/04/25 05:50:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe(2)

[2011/04/24 13:11:11 | 000,139,264 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2011/04/24 13:11:10 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2011/04/24 13:11:10 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2011/04/24 13:08:34 | 000,069,632 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl

[2011/04/23 21:43:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU

[2011/04/23 21:43:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\AVS4YOU

[2011/04/23 21:43:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Start Menu\Programs\AVS4YOU

[2011/04/23 21:42:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVS4YOU

[2011/04/23 21:42:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia

[2011/04/23 21:42:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel

[2011/04/23 21:38:08 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll

[2011/04/23 21:38:08 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU

[2011/04/23 20:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\My Documents\stereo_files

[2011/04/18 13:47:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy

[2011/04/18 13:46:39 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy

[2011/04/18 13:46:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

[2011/04/18 13:33:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\My Documents\My Google Gadgets

[2011/04/18 04:51:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Start Menu\Programs\Google Chrome

[2011/04/18 04:00:52 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com

[2011/04/18 03:10:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools

[2011/04/17 11:51:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinMaximizer

[2011/04/17 10:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\ErrorExpert

[2011/04/16 14:16:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Vodafone

[2011/04/16 14:16:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Vodafone

[2011/04/16 14:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone

[2011/04/16 14:01:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\FLEXnet

[2011/04/16 14:00:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet

[2011/04/16 14:00:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Local Settings\Application Data\{F3E8BCCE-24B6-4737-920E-0D6073630E2A}

[2011/04/16 13:58:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang

[2011/04/16 13:58:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\AVG

[2011/04/16 13:58:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC Tuneup 2011

[2011/04/16 13:53:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\T-Mobile Mobile Broadband Manager

[2011/04/16 05:21:18 | 000,000,000 | ---D | C] -- C:\Program Files\Camera Assistant Software for Gateway

[2011/04/16 05:16:54 | 000,000,000 | ---D | C] -- C:\cabs

[2011/04/15 22:39:13 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll

[2011/04/15 22:39:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll

[2011/04/15 22:39:12 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll

[2011/04/15 22:39:11 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll

[2011/04/15 22:39:11 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll

[2011/04/15 22:39:11 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll

[2011/04/15 22:39:09 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll

[2011/04/15 22:39:08 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe

[2011/04/15 22:39:05 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl

[2011/04/15 17:22:38 | 000,114,688 | R--- | C] (ZTE Corporation) -- C:\WINDOWS\System32\drivers\ZTEusbnet.sys

[2011/04/15 17:22:29 | 000,105,856 | R--- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zteusbvoice.sys

[2011/04/15 17:22:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\Vodafone

[2011/04/15 17:21:39 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll

[2008/09/19 08:26:21 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/30 14:39:54 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\AWC AutoSweep.job

[2011/04/30 14:39:53 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\WinMaximizer-Heather-Startup.job

[2011/04/30 14:38:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/04/30 14:37:56 | 1063,202,816 | -HS- | M] () -- C:\hiberfil.sys

[2011/04/30 03:02:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2577866921-869302320-1379617784-1007UA.job

[2011/04/30 00:33:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job

[2011/04/29 20:02:01 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2577866921-869302320-1379617784-1007Core.job

[2011/04/29 18:00:00 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job

[2011/04/29 17:00:05 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\SpeedyPC Program Check.job

[2011/04/28 04:45:02 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\SpeedyPC.job

[2011/04/27 17:48:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Heather\Desktop\OTL.exe

[2011/04/27 03:13:11 | 000,002,451 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\HiJackThis.lnk

[2011/04/26 05:47:02 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/04/26 01:15:33 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk

[2011/04/25 21:02:42 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk

[2011/04/25 21:02:37 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2011/04/25 17:08:02 | 000,000,318 | ---- | M] () -- C:\WINDOWS\tasks\Regwork.job

[2011/04/24 17:24:29 | 000,063,202 | ---- | M] () -- C:\Documents and Settings\Heather\My Documents\cc_20110424_172409.reg

[2011/04/23 21:55:04 | 000,029,566 | ---- | M] () -- C:\Documents and Settings\Heather\My Documents\$(KGrHqMOKpwE1rGE0vihBNry+g)Qbg~~_12.JPG

[2011/04/23 21:43:33 | 000,000,946 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\AVS4YOU Software Navigator.lnk

[2011/04/23 21:42:49 | 000,000,890 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\AVS Image Converter.lnk

[2011/04/23 20:59:52 | 000,003,680 | ---- | M] () -- C:\Documents and Settings\Heather\My Documents\stereo.htm

[2011/04/23 20:00:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\Registry Winner Schedule.job

[2011/04/22 08:07:12 | 000,432,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2011/04/22 04:24:43 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\Update Checker.lnk

[2011/04/21 21:51:27 | 000,432,016 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110422-080712.backup

[2011/04/20 19:41:47 | 000,431,550 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110421-215127.backup

[2011/04/19 18:00:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Pareto UNS.job

[2011/04/19 02:43:23 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk

[2011/04/19 02:43:23 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk

[2011/04/19 00:40:34 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/04/18 18:25:12 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2011/04/18 18:25:10 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2011/04/18 18:17:46 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2011/04/18 18:17:34 | 000,307,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2011/04/18 18:16:18 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2011/04/18 18:16:06 | 000,102,488 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2011/04/18 18:16:02 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2011/04/18 18:13:21 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2011/04/18 18:13:02 | 000,030,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2011/04/18 18:12:58 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2011/04/18 14:44:27 | 000,006,666 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110418-144428.backup

[2011/04/18 13:47:20 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk

[2011/04/18 13:47:19 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\Spybot - Search & Destroy.lnk

[2011/04/18 04:51:18 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2011/04/18 04:16:25 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2011/04/18 04:16:25 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

[2011/04/18 03:16:06 | 000,618,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB

[2011/04/16 14:16:11 | 000,001,982 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SMS.lnk

[2011/04/16 14:16:11 | 000,001,911 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Vodafone Mobile Broadband.lnk

[2011/04/16 14:05:18 | 000,243,128 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011/04/16 13:14:43 | 000,006,921 | ---- | M] () -- C:\NetworkCfg.xml

[2011/04/16 09:33:49 | 000,546,012 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/04/16 09:33:49 | 000,110,678 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/04/15 17:21:44 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_vodafone_K380x-z_dc_enum_01009.Wdf

[2011/04/15 17:21:43 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/26 21:55:13 | 000,000,402 | ---- | C] () -- C:\WINDOWS\tasks\SpeedyPC Program Check.job

[2011/04/26 21:55:12 | 000,000,386 | ---- | C] () -- C:\WINDOWS\tasks\SpeedyPC.job

[2011/04/26 05:47:02 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/04/26 04:17:41 | 000,002,451 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\HiJackThis.lnk

[2011/04/25 21:02:42 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk

[2011/04/25 16:44:59 | 000,000,318 | ---- | C] () -- C:\WINDOWS\tasks\Regwork.job

[2011/04/24 17:24:15 | 000,063,202 | ---- | C] () -- C:\Documents and Settings\Heather\My Documents\cc_20110424_172409.reg

[2011/04/23 21:43:33 | 000,000,946 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\AVS4YOU Software Navigator.lnk

[2011/04/23 21:42:49 | 000,000,890 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\AVS Image Converter.lnk

[2011/04/23 20:59:52 | 000,029,566 | ---- | C] () -- C:\Documents and Settings\Heather\My Documents\$(KGrHqMOKpwE1rGE0vihBNry+g)Qbg~~_12.JPG

[2011/04/23 20:59:51 | 000,003,680 | ---- | C] () -- C:\Documents and Settings\Heather\My Documents\stereo.htm

[2011/04/19 02:43:23 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk

[2011/04/18 13:47:19 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk

[2011/04/18 13:47:19 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\Spybot - Search & Destroy.lnk

[2011/04/18 04:51:18 | 000,002,278 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2011/04/18 04:16:25 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk

[2011/04/18 04:11:15 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk

[2011/04/18 04:11:14 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk

[2011/04/18 04:00:54 | 000,001,638 | ---- | C] () -- C:\Documents and Settings\Heather\Start Menu\Programs\Update Checker.lnk

[2011/04/18 04:00:53 | 000,001,632 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\Update Checker.lnk

[2011/04/18 03:15:38 | 000,618,686 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB

[2011/04/17 11:52:11 | 000,000,312 | ---- | C] () -- C:\WINDOWS\tasks\WinMaximizer-Heather-Startup.job

[2011/04/16 14:16:11 | 000,001,982 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SMS.lnk

[2011/04/16 14:16:11 | 000,001,911 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Vodafone Mobile Broadband.lnk

[2011/04/15 17:21:44 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_vodafone_K380x-z_dc_enum_01009.Wdf

[2011/04/15 17:21:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf

[2011/03/12 15:49:50 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll

[2011/01/10 18:26:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat

[2010/08/11 11:43:50 | 000,159,464 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceManager.xml.rc4

[2010/08/04 21:31:03 | 000,000,156 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\wklnhst.dat

[2010/06/10 11:19:57 | 000,000,022 | ---- | C] () -- C:\WINDOWS\popcinfot.dat

[2010/03/21 10:50:34 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\Heather\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/12/01 00:19:15 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\Launch Internet Explorer Browser.lnk

[2009/10/19 03:14:13 | 000,002,301 | ---- | C] () -- C:\WINDOWS\mozver.dat

[2009/09/14 23:33:33 | 011,551,264 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2009/09/14 23:33:33 | 000,137,248 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat

[2009/09/14 21:45:39 | 000,048,492 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2009/05/14 01:30:54 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2009/04/21 03:50:35 | 000,032,608 | ---- | C] () -- C:\WINDOWS\king-uninstall.exe

[2009/04/17 17:45:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2008/09/19 09:16:16 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2008/09/19 08:57:08 | 000,000,563 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini

[2008/09/19 08:26:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI

[2008/09/19 08:21:11 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2008/09/19 08:20:28 | 000,243,128 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2008/09/19 08:10:02 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll

[2008/09/19 07:52:08 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll

[2008/09/19 07:51:47 | 000,159,744 | ---- | C] () -- C:\WINDOWS\MakeMrk.exe

[2008/09/19 07:51:47 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2008/09/19 07:30:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2008/09/19 07:25:57 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2008/09/19 06:15:15 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2008/09/19 06:15:14 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2008/09/19 06:15:14 | 000,546,012 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2008/09/19 06:15:14 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2008/09/19 06:15:14 | 000,110,678 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2008/09/19 06:15:14 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2008/09/19 06:15:14 | 000,004,631 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2008/09/19 06:15:14 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2008/09/19 06:15:13 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2008/09/19 06:15:13 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2008/09/19 06:15:09 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2008/09/19 06:15:09 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

[2007/12/21 16:46:32 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll

[2005/07/22 21:30:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll

========== LOP Check ==========

[2011/04/16 13:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\AVG

[2010/12/18 00:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\AVG10

[2010/04/16 22:43:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1

[2010/08/02 15:13:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\DriverCure

[2011/04/17 10:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\ErrorExpert

[2011/04/18 03:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\GlarySoft

[2009/12/27 12:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\IObit

[2011/04/26 22:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\licenses

[2010/04/18 23:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Mysteryville2

[2010/08/03 02:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\ParetoLogic

[2011/04/26 22:04:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\PCMM2009

[2011/04/26 22:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\PCMM2011

[2010/08/04 21:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Template

[2010/09/29 14:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Toshiba

[2011/02/17 04:21:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Uniblue

[2011/04/15 17:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Vodafone

[2011/04/25 21:02:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

[2011/04/25 11:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10

[2009/11/27 05:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9

[2011/04/29 01:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Badoo

[2009/09/14 18:47:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cached Installations

[2010/12/18 00:46:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2009/09/14 22:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations

[2010/09/10 17:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure

[2010/08/02 04:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner

[2010/02/24 02:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit

[2011/04/25 11:30:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2010/10/13 18:52:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic

[2009/09/14 22:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic Anti-Spyware

[2009/09/14 23:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic Anti-Virus PLUS

[2009/11/19 02:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters

[2010/08/01 18:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop

[2010/05/01 19:35:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games

[2011/04/25 16:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegWork

[2011/04/26 21:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC

[2011/04/18 03:45:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2008/09/25 09:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TOSHIBA

[2011/04/16 14:16:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vodafone

[2011/04/17 11:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinMaximizer

[2008/09/25 09:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}

[2010/08/02 04:30:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}

[2009/04/21 10:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

[2011/04/30 14:39:54 | 000,000,378 | ---- | M] () -- C:\WINDOWS\Tasks\AWC AutoSweep.job

[2011/04/19 18:00:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\Tasks\Pareto UNS.job

[2011/04/29 18:00:00 | 000,000,444 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job

[2011/04/30 00:33:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version2.job

[2011/04/23 20:00:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\Registry Winner Schedule.job

[2011/04/25 17:08:02 | 000,000,318 | ---- | M] () -- C:\WINDOWS\Tasks\Regwork.job

[2011/04/29 17:00:05 | 000,000,402 | ---- | M] () -- C:\WINDOWS\Tasks\SpeedyPC Program Check.job

[2011/04/28 04:45:02 | 000,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\SpeedyPC.job

[2009/04/27 02:42:33 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\System Restore.job

[2011/04/30 14:39:53 | 000,000,312 | ---- | M] () -- C:\WINDOWS\Tasks\WinMaximizer-Heather-Startup.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\wupdmgr.exe:SummaryInformation

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84

@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >

OTL Extras logfile created on: 30/04/2011 14:47:41 - Run 3

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Heather\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1,014.00 Mb Total Physical Memory | 491.00 Mb Available Physical Memory | 48.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 80.00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 111.79 Gb Total Space | 86.35 Gb Free Space | 77.25% Space Free | Partition Type: NTFS

Drive D: | 44.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: ALLEYCAT | User Name: Heather | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Toshiba\ConfigFree\NDSTray.exe" = C:\Program Files\Toshiba\ConfigFree\NDSTray.exe:*:Enabled:ConfigFree Tray -- (TOSHIBA CORPORATION)

"C:\Program Files\Toshiba\ConfigFree\CFXFER.exe" = C:\Program Files\Toshiba\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine -- (TOSHIBA CORPORATION)

"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)

"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger

"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack

"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour

"{117CD9C0-0F15-4633-93D7-F957B50535A5}" = Popup Blocker (Windows Live Toolbar)

"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works

"{16E8BF9A-B419-4A44-A020-30F8CFB84B9D}" = Atheros Client Utility

"{1707BF02-0F5C-4A6C-8F17-053BB73E443F}" = Tabbed Browsing (Windows Live Toolbar)

"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer

"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java 6 Update 6

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3560CE5A-C4EF-4DB0-9ECC-BA035FE309C5}" = MSN Toolbar

"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba

"{38024121-D084-4E7D-B1A2-1A04CB5C4CF3}" = Windows Live Toolbar Feed Detector (Windows Live Toolbar)

"{400830CA-F056-4BBE-80A3-9DF9CA4FB889}" = TOSHIBA Direct Disc Writer

"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3

"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator

"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail

"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zooming Utility

"{645D6B69-6456-442D-94D6-85F0636ED258}" = Badoo Desktop

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel

Link to post
Share on other sites

Run OTL.exe

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    SRV - (avg8wd) -- File not found
    SRV - (avg8emc) -- File not found
    FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
    FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4daaca17&v=6.103.018.001&i=26&tp=ab&iy=&ychte=us&lng=en-US&q="
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O33 - MountPoints2\{4e1cfec0-1531-11e0-8828-001e338b062b}\Shell - "" = AutoRun
    O33 - MountPoints2\{4e1cfec0-1531-11e0-8828-001e338b062b}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{4e1cfec0-1531-11e0-8828-001e338b062b}\Shell\AutoRun\command - "" = D:\AutoRun.exe
    O33 - MountPoints2\{9cfd3796-677b-11e0-88c8-002163bf0b3f}\Shell - "" = AutoRun
    O33 - MountPoints2\{9cfd3796-677b-11e0-88c8-002163bf0b3f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{9cfd3796-677b-11e0-88c8-002163bf0b3f}\Shell\AutoRun\command - "" = D:\setup_vmb_lite.exe -- [2010/07/08 12:14:50 | 000,274,432 | R--- | M] (Vodafone)
    [2011/04/16 13:58:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\AVG
    [2011/04/16 13:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\AVG
    [2010/12/18 00:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\AVG10
    [2011/04/25 11:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
    [2009/11/27 05:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
    [2009/12/27 12:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\IObit
    @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
    @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
    @Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
    @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
    @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done

Link to post
Share on other sites

OTL logfile created on: 01/05/2011 01:37:54 - Run 3

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Heather\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1,014.00 Mb Total Physical Memory | 546.00 Mb Available Physical Memory | 54.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 84.00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 111.79 Gb Total Space | 86.32 Gb Free Space | 77.22% Space Free | Partition Type: NTFS

Drive D: | 44.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: ALLEYCAT | User Name: Heather | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Heather\desktop\OTL.exe (OldTimer Tools)

PRC - C:\Documents and Settings\Heather\Local Settings\Application Data\Google\Update\1.3.21.53\GoogleCrashHandler.exe (Google Inc.)

PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)

PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

PRC - C:\Documents and Settings\All Users\Application Data\Badoo\Badoo Desktop\1.3.12.904\Badoo.Desktop.exe (Badoo)

PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)

PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)

PRC - C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)

PRC - C:\Program Files\T-Mobile\Mobile Broadband Manager\UIExec.exe ()

PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)

PRC - C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)

PRC - C:\Program Files\Toshiba\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)

PRC - C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA)

PRC - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe (TOSHIBA Corp.)

PRC - C:\Program Files\Virgin Mobile\Broadband Home\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)

PRC - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)

PRC - C:\WINDOWS\system32\acs.exe (Atheros)

PRC - C:\WINDOWS\system32\TODDSrv.exe (TOSHIBA Corporation)

PRC - C:\Program Files\Toshiba\TOSHIBA Direct Disc Writer\DDWMon.exe (TOSHIBA Corporation)

PRC - C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)

PRC - C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Heather\desktop\OTL.exe (OldTimer Tools)

MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (SBAMSvc) -- File not found

SRV - (avg8wd) -- File not found

SRV - (avg8emc) -- File not found

SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

SRV - (VmbService) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)

SRV - (UI Assistant Service) -- C:\Program Files\T-Mobile\Mobile Broadband Manager\AssistantServices.exe ()

SRV - (IAANTMON) Intel® -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)

SRV - (TAPPSRV) -- C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe (TOSHIBA Corp.)

SRV - (TOSHIBA Bluetooth Service) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)

SRV - (ACS) -- C:\WINDOWS\system32\acs.exe (Atheros)

SRV - (TODDSrv) -- C:\WINDOWS\system32\TODDSrv.exe (TOSHIBA Corporation)

SRV - (CFSvcs) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)

========== Driver Services (SafeList) ==========

DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)

DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)

DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)

DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)

DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)

DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)

DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)

DRV - (ZTEusbnet) -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys (ZTE Corporation)

DRV - (ZTEusbvoice) -- C:\WINDOWS\system32\drivers\zteusbvoice.sys (ZTE Incorporated)

DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated)

DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated)

DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)

DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (MBB Incorporated)

DRV - (vodafone_K380x-z_dc_enum) -- C:\WINDOWS\system32\drivers\vodafone_K380x-z_dc_enum.sys (Vodafone)

DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)

DRV - (SBRE) -- C:\WINDOWS\system32\drivers\sbredrv.sys (Sunbelt Software)

DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

DRV - (RSUSBSTOR) -- C:\WINDOWS\system32\drivers\RTS5121.sys (Realtek Semiconductor Corp.)

DRV - (tos_sps32) -- C:\WINDOWS\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)

DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )

DRV - (UVCFTR) -- C:\WINDOWS\system32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)

DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)

DRV - (FwLnk) -- C:\WINDOWS\system32\drivers\FwLnk.sys (TOSHIBA Corporation)

DRV - (tdudf) -- C:\WINDOWS\system32\drivers\tdudf.sys (TOSHIBA Corporation)

DRV - (trudf) -- C:\WINDOWS\system32\drivers\trudf.sys (TOSHIBA Corporation)

DRV - (tosrfec) -- C:\WINDOWS\system32\drivers\tosrfec.sys (TOSHIBA Corporation)

DRV - (tdcmdpst) -- C:\WINDOWS\system32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)

DRV - (Netdevio) -- C:\WINDOWS\system32\drivers\Netdevio.sys (TOSHIBA Corporation.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie'>http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"

FF - prefs.js..browser.search.defaultthis.engineName: "Feboz Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://uk.search.yahoo.com/search?fr=ffsp1&p="

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"

FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"

FF - prefs.js..browser.search.param.yahoo-type: "${8}"

FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://uk.yahoo.com"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: npfax@microgaming.co.uk:2.1.0.19

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1319

FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4daaca17&v=6.103.018.001&i=26&tp=ab&iy=&ychte=us&lng=en-US&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/04/25 21:02:19 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/26 04:57:32 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/18 04:16:10 | 000,000,000 | ---D | M]

[2009/06/30 10:52:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Heather\Application Data\Mozilla\Extensions

[2011/04/19 00:36:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\extensions

[2011/04/19 00:34:21 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

[2011/04/16 13:56:46 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(2)

[2010/09/15 20:53:53 | 000,000,557 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\searchplugins\bing.xml

[2010/02/04 05:06:36 | 000,000,913 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\searchplugins\conduit.xml

[2011/04/24 13:11:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2010/08/04 15:16:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/10/23 03:33:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2010/12/24 01:39:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011/04/25 11:10:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

File not found (No name found) --

[2011/04/25 21:02:19 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

[2009/06/24 08:39:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

[2011/03/18 18:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll

[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2009/05/12 17:26:34 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll

[2010/03/08 11:24:04 | 000,103,168 | ---- | M] (Midasplayer Ltd) -- C:\Program Files\Mozilla Firefox\plugins\npmidas.dll

[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/04/22 08:07:12 | 000,432,016 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 www.1000gratisproben.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 www.1001namen.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.10sek.com

O1 - Hosts: 127.0.0.1 www.1-2005-search.com

O1 - Hosts: 127.0.0.1 1-2005-search.com

O1 - Hosts: 127.0.0.1 123fporn.info

O1 - Hosts: 14894 more lines...

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)

O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\Virgin Mobile\Broadband Home\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)

O4 - HKLM..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe ()

O4 - HKLM..\Run: [Google EULA Launcher] C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe (Google)

O4 - HKLM..\Run: [iTSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)

O4 - HKLM..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)

O4 - HKLM..\Run: [NDSTray.exe] File not found

O4 - HKLM..\Run: [smoothView] C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA)

O4 - HKLM..\Run: [uIExec] C:\Program Files\T-Mobile\Mobile Broadband Manager\UIExec.exe ()

O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)

O4 - HKCU..\Run: [badoo Desktop] C:\Documents and Settings\All Users\Application Data\Badoo\Badoo Desktop\1.3.12.904\Badoo.Desktop.exe (Badoo)

O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)

O4 - HKCU..\Run: [Mobile Partner] C:\Program Files\Virgin Mobile\Broadband Home\VIRGIN MOBILE BROADBAND HOME.exe ()

O4 - HKCU..\Run: [search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O9 - Extra Button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - Reg Error: Value error. File not found

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)

O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab (BatchDownloader Class)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008/09/19 07:27:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2010/09/13 23:45:26 | 000,000,120 | R--- | M] () - D:\autorun.inf -- [ CDFS ]

O33 - MountPoints2\{4e1cfec0-1531-11e0-8828-001e338b062b}\Shell - "" = AutoRun

O33 - MountPoints2\{4e1cfec0-1531-11e0-8828-001e338b062b}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{4e1cfec0-1531-11e0-8828-001e338b062b}\Shell\AutoRun\command - "" = D:\AutoRun.exe

O33 - MountPoints2\{9cfd3796-677b-11e0-88c8-002163bf0b3f}\Shell - "" = AutoRun

O33 - MountPoints2\{9cfd3796-677b-11e0-88c8-002163bf0b3f}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{9cfd3796-677b-11e0-88c8-002163bf0b3f}\Shell\AutoRun\command - "" = D:\setup_vmb_lite.exe -- [2010/07/08 12:14:50 | 000,274,432 | R--- | M] (Vodafone)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/29 01:20:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Badoo

[2011/04/27 17:48:20 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Heather\Desktop\OTL.exe

[2011/04/26 22:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\licenses

[2011/04/26 22:02:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\PCMM2009

[2011/04/26 22:02:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\PCMM2011

[2011/04/26 21:55:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpeedyPC

[2011/04/26 21:55:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC

[2011/04/26 21:55:02 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedyPC

[2011/04/26 21:42:46 | 000,000,000 | ---D | C] -- C:\Drivers

[2011/04/26 05:47:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011/04/26 05:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/04/26 05:46:52 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2011/04/26 04:17:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Start Menu\Programs\HiJackThis

[2011/04/26 04:17:39 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2011/04/25 21:02:41 | 000,307,288 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2011/04/25 21:02:41 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2011/04/25 21:02:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus

[2011/04/25 21:02:37 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2011/04/25 21:02:37 | 000,102,488 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2011/04/25 21:02:37 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2011/04/25 21:02:37 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2011/04/25 21:02:37 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2011/04/25 21:02:37 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2011/04/25 21:02:16 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2011/04/25 21:02:16 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2011/04/25 16:44:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RegWork

[2011/04/25 11:41:49 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software

[2011/04/25 11:41:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

[2011/04/25 11:10:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Heather\Recent

[2011/04/25 11:10:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Start Menu\Programs\Glarysoft

[2011/04/25 11:10:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe

[2011/04/25 05:50:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe(2)

[2011/04/24 13:11:11 | 000,139,264 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2011/04/24 13:11:10 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2011/04/24 13:11:10 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2011/04/24 13:08:34 | 000,069,632 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl

[2011/04/23 21:43:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU

[2011/04/23 21:43:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\AVS4YOU

[2011/04/23 21:43:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Start Menu\Programs\AVS4YOU

[2011/04/23 21:42:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVS4YOU

[2011/04/23 21:42:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia

[2011/04/23 21:42:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel

[2011/04/23 21:38:08 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll

[2011/04/23 21:38:08 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU

[2011/04/23 20:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\My Documents\stereo_files

[2011/04/18 13:47:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy

[2011/04/18 13:46:39 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy

[2011/04/18 13:46:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

[2011/04/18 13:33:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\My Documents\My Google Gadgets

[2011/04/18 04:51:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Start Menu\Programs\Google Chrome

[2011/04/18 04:00:52 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com

[2011/04/18 03:10:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools

[2011/04/17 11:51:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinMaximizer

[2011/04/17 10:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\ErrorExpert

[2011/04/16 14:16:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Vodafone

[2011/04/16 14:16:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Vodafone

[2011/04/16 14:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone

[2011/04/16 14:01:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\FLEXnet

[2011/04/16 14:00:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet

[2011/04/16 14:00:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Local Settings\Application Data\{F3E8BCCE-24B6-4737-920E-0D6073630E2A}

[2011/04/16 13:58:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang

[2011/04/16 13:58:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\AVG

[2011/04/16 13:58:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC Tuneup 2011

[2011/04/16 13:53:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\T-Mobile Mobile Broadband Manager

[2011/04/16 05:21:18 | 000,000,000 | ---D | C] -- C:\Program Files\Camera Assistant Software for Gateway

[2011/04/16 05:16:54 | 000,000,000 | ---D | C] -- C:\cabs

[2011/04/15 22:39:13 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll

[2011/04/15 22:39:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll

[2011/04/15 22:39:12 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll

[2011/04/15 22:39:11 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll

[2011/04/15 22:39:11 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll

[2011/04/15 22:39:11 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll

[2011/04/15 22:39:09 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll

[2011/04/15 22:39:08 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe

[2011/04/15 22:39:05 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl

[2011/04/15 17:22:38 | 000,114,688 | R--- | C] (ZTE Corporation) -- C:\WINDOWS\System32\drivers\ZTEusbnet.sys

[2011/04/15 17:22:29 | 000,105,856 | R--- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zteusbvoice.sys

[2011/04/15 17:22:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\Vodafone

[2011/04/15 17:21:39 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll

[2008/09/19 08:26:21 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/01 01:35:17 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\AWC AutoSweep.job

[2011/05/01 01:35:17 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\WinMaximizer-Heather-Startup.job

[2011/05/01 01:34:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/05/01 01:34:45 | 1063,202,816 | -HS- | M] () -- C:\hiberfil.sys

[2011/05/01 01:02:03 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2577866921-869302320-1379617784-1007UA.job

[2011/05/01 00:33:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job

[2011/04/30 20:02:06 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2577866921-869302320-1379617784-1007Core.job

[2011/04/30 20:00:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\Registry Winner Schedule.job

[2011/04/30 18:00:00 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job

[2011/04/30 17:00:05 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\SpeedyPC Program Check.job

[2011/04/28 04:45:02 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\SpeedyPC.job

[2011/04/27 17:48:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Heather\Desktop\OTL.exe

[2011/04/27 03:13:11 | 000,002,451 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\HiJackThis.lnk

[2011/04/26 05:47:02 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/04/26 01:15:33 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk

[2011/04/25 21:02:42 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk

[2011/04/25 21:02:37 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2011/04/25 17:08:02 | 000,000,318 | ---- | M] () -- C:\WINDOWS\tasks\Regwork.job

[2011/04/24 17:24:29 | 000,063,202 | ---- | M] () -- C:\Documents and Settings\Heather\My Documents\cc_20110424_172409.reg

[2011/04/23 21:55:04 | 000,029,566 | ---- | M] () -- C:\Documents and Settings\Heather\My Documents\$(KGrHqMOKpwE1rGE0vihBNry+g)Qbg~~_12.JPG

[2011/04/23 21:43:33 | 000,000,946 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\AVS4YOU Software Navigator.lnk

[2011/04/23 21:42:49 | 000,000,890 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\AVS Image Converter.lnk

[2011/04/23 20:59:52 | 000,003,680 | ---- | M] () -- C:\Documents and Settings\Heather\My Documents\stereo.htm

[2011/04/22 08:07:12 | 000,432,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2011/04/22 04:24:43 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\Update Checker.lnk

[2011/04/21 21:51:27 | 000,432,016 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110422-080712.backup

[2011/04/20 19:41:47 | 000,431,550 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110421-215127.backup

[2011/04/19 18:00:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Pareto UNS.job

[2011/04/19 02:43:23 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk

[2011/04/19 02:43:23 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk

[2011/04/19 00:40:34 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/04/18 18:25:12 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2011/04/18 18:25:10 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2011/04/18 18:17:46 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2011/04/18 18:17:34 | 000,307,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2011/04/18 18:16:18 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2011/04/18 18:16:06 | 000,102,488 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2011/04/18 18:16:02 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2011/04/18 18:13:21 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2011/04/18 18:13:02 | 000,030,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2011/04/18 18:12:58 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2011/04/18 14:44:27 | 000,006,666 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110418-144428.backup

[2011/04/18 13:47:20 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk

[2011/04/18 13:47:19 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\Spybot - Search & Destroy.lnk

[2011/04/18 04:51:18 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2011/04/18 04:16:25 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2011/04/18 04:16:25 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

[2011/04/18 03:16:06 | 000,618,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB

[2011/04/16 14:16:11 | 000,001,982 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SMS.lnk

[2011/04/16 14:16:11 | 000,001,911 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Vodafone Mobile Broadband.lnk

[2011/04/16 14:05:18 | 000,243,128 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011/04/16 13:14:43 | 000,006,921 | ---- | M] () -- C:\NetworkCfg.xml

[2011/04/16 09:33:49 | 000,546,012 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/04/16 09:33:49 | 000,110,678 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/04/15 17:21:44 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_vodafone_K380x-z_dc_enum_01009.Wdf

[2011/04/15 17:21:43 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/26 21:55:13 | 000,000,402 | ---- | C] () -- C:\WINDOWS\tasks\SpeedyPC Program Check.job

[2011/04/26 21:55:12 | 000,000,386 | ---- | C] () -- C:\WINDOWS\tasks\SpeedyPC.job

[2011/04/26 05:47:02 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/04/26 04:17:41 | 000,002,451 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\HiJackThis.lnk

[2011/04/25 21:02:42 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk

[2011/04/25 16:44:59 | 000,000,318 | ---- | C] () -- C:\WINDOWS\tasks\Regwork.job

[2011/04/24 17:24:15 | 000,063,202 | ---- | C] () -- C:\Documents and Settings\Heather\My Documents\cc_20110424_172409.reg

[2011/04/23 21:43:33 | 000,000,946 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\AVS4YOU Software Navigator.lnk

[2011/04/23 21:42:49 | 000,000,890 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\AVS Image Converter.lnk

[2011/04/23 20:59:52 | 000,029,566 | ---- | C] () -- C:\Documents and Settings\Heather\My Documents\$(KGrHqMOKpwE1rGE0vihBNry+g)Qbg~~_12.JPG

[2011/04/23 20:59:51 | 000,003,680 | ---- | C] () -- C:\Documents and Settings\Heather\My Documents\stereo.htm

[2011/04/19 02:43:23 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk

[2011/04/18 13:47:19 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk

[2011/04/18 13:47:19 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\Spybot - Search & Destroy.lnk

[2011/04/18 04:51:18 | 000,002,278 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2011/04/18 04:16:25 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk

[2011/04/18 04:11:15 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk

[2011/04/18 04:11:14 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk

[2011/04/18 04:00:54 | 000,001,638 | ---- | C] () -- C:\Documents and Settings\Heather\Start Menu\Programs\Update Checker.lnk

[2011/04/18 04:00:53 | 000,001,632 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\Update Checker.lnk

[2011/04/18 03:15:38 | 000,618,686 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB

[2011/04/17 11:52:11 | 000,000,312 | ---- | C] () -- C:\WINDOWS\tasks\WinMaximizer-Heather-Startup.job

[2011/04/16 14:16:11 | 000,001,982 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SMS.lnk

[2011/04/16 14:16:11 | 000,001,911 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Vodafone Mobile Broadband.lnk

[2011/04/15 17:21:44 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_vodafone_K380x-z_dc_enum_01009.Wdf

[2011/04/15 17:21:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf

[2011/03/12 15:49:50 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll

[2011/01/10 18:26:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat

[2010/08/11 11:43:50 | 000,159,464 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceManager.xml.rc4

[2010/08/04 21:31:03 | 000,000,156 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\wklnhst.dat

[2010/06/10 11:19:57 | 000,000,022 | ---- | C] () -- C:\WINDOWS\popcinfot.dat

[2010/03/21 10:50:34 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\Heather\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/12/01 00:19:15 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\Launch Internet Explorer Browser.lnk

[2009/10/19 03:14:13 | 000,002,301 | ---- | C] () -- C:\WINDOWS\mozver.dat

[2009/09/14 23:33:33 | 011,551,264 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2009/09/14 23:33:33 | 000,137,248 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat

[2009/09/14 21:45:39 | 000,048,492 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2009/05/14 01:30:54 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2009/04/21 03:50:35 | 000,032,608 | ---- | C] () -- C:\WINDOWS\king-uninstall.exe

[2009/04/17 17:45:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2008/09/19 09:16:16 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2008/09/19 08:57:08 | 000,000,563 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini

[2008/09/19 08:26:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI

[2008/09/19 08:21:11 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2008/09/19 08:20:28 | 000,243,128 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2008/09/19 08:10:02 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll

[2008/09/19 07:52:08 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll

[2008/09/19 07:51:47 | 000,159,744 | ---- | C] () -- C:\WINDOWS\MakeMrk.exe

[2008/09/19 07:51:47 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2008/09/19 07:30:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2008/09/19 07:25:57 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2008/09/19 06:15:15 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2008/09/19 06:15:14 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2008/09/19 06:15:14 | 000,546,012 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2008/09/19 06:15:14 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2008/09/19 06:15:14 | 000,110,678 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2008/09/19 06:15:14 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2008/09/19 06:15:14 | 000,004,631 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2008/09/19 06:15:14 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2008/09/19 06:15:13 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2008/09/19 06:15:13 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2008/09/19 06:15:09 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2008/09/19 06:15:09 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

[2007/12/21 16:46:32 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll

[2005/07/22 21:30:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll

========== LOP Check ==========

[2011/04/16 13:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\AVG

[2010/12/18 00:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\AVG10

[2010/04/16 22:43:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1

[2010/08/02 15:13:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\DriverCure

[2011/04/17 10:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\ErrorExpert

[2011/04/18 03:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\GlarySoft

[2009/12/27 12:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\IObit

[2011/04/26 22:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\licenses

[2010/04/18 23:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Mysteryville2

[2010/08/03 02:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\ParetoLogic

[2011/04/26 22:04:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\PCMM2009

[2011/04/26 22:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\PCMM2011

[2010/08/04 21:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Template

[2010/09/29 14:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Toshiba

[2011/02/17 04:21:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Uniblue

[2011/04/15 17:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Vodafone

[2011/04/25 21:02:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

[2011/04/25 11:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10

[2009/11/27 05:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9

[2011/04/29 01:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Badoo

[2009/09/14 18:47:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cached Installations

[2010/12/18 00:46:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2009/09/14 22:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations

[2010/09/10 17:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure

[2010/08/02 04:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner

[2010/02/24 02:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit

[2011/04/25 11:30:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2010/10/13 18:52:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic

[2009/09/14 22:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic Anti-Spyware

[2009/09/14 23:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic Anti-Virus PLUS

[2009/11/19 02:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters

[2010/08/01 18:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop

[2010/05/01 19:35:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games

[2011/04/25 16:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegWork

[2011/04/26 21:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC

[2011/04/18 03:45:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2008/09/25 09:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TOSHIBA

[2011/04/16 14:16:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vodafone

[2011/04/17 11:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinMaximizer

[2008/09/25 09:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}

[2010/08/02 04:30:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}

[2009/04/21 10:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

[2011/05/01 01:35:17 | 000,000,378 | ---- | M] () -- C:\WINDOWS\Tasks\AWC AutoSweep.job

[2011/04/19 18:00:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\Tasks\Pareto UNS.job

[2011/04/30 18:00:00 | 000,000,444 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job

[2011/05/01 00:33:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version2.job

[2011/04/30 20:00:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\Registry Winner Schedule.job

[2011/04/25 17:08:02 | 000,000,318 | ---- | M] () -- C:\WINDOWS\Tasks\Regwork.job

[2011/04/30 17:00:05 | 000,000,402 | ---- | M] () -- C:\WINDOWS\Tasks\SpeedyPC Program Check.job

[2011/04/28 04:45:02 | 000,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\SpeedyPC.job

[2009/04/27 02:42:33 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\System Restore.job

[2011/05/01 01:35:17 | 000,000,312 | ---- | M] () -- C:\WINDOWS\Tasks\WinMaximizer-Heather-Startup.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\wupdmgr.exe:SummaryInformation

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84

@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >

have to post them separately as they wont fit on one post

Link to post
Share on other sites

OTL Extras logfile created on: 01/05/2011 01:37:54 - Run 3

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Heather\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1,014.00 Mb Total Physical Memory | 546.00 Mb Available Physical Memory | 54.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 84.00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 111.79 Gb Total Space | 86.32 Gb Free Space | 77.22% Space Free | Partition Type: NTFS

Drive D: | 44.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: ALLEYCAT | User Name: Heather | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Toshiba\ConfigFree\NDSTray.exe" = C:\Program Files\Toshiba\ConfigFree\NDSTray.exe:*:Enabled:ConfigFree Tray -- (TOSHIBA CORPORATION)

"C:\Program Files\Toshiba\ConfigFree\CFXFER.exe" = C:\Program Files\Toshiba\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine -- (TOSHIBA CORPORATION)

"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)

"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger

"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack

"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour

"{117CD9C0-0F15-4633-93D7-F957B50535A5}" = Popup Blocker (Windows Live Toolbar)

"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works

"{16E8BF9A-B419-4A44-A020-30F8CFB84B9D}" = Atheros Client Utility

"{1707BF02-0F5C-4A6C-8F17-053BB73E443F}" = Tabbed Browsing (Windows Live Toolbar)

"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer

"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java 6 Update 6

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3560CE5A-C4EF-4DB0-9ECC-BA035FE309C5}" = MSN Toolbar

"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba

"{38024121-D084-4E7D-B1A2-1A04CB5C4CF3}" = Windows Live Toolbar Feed Detector (Windows Live Toolbar)

"{400830CA-F056-4BBE-80A3-9DF9CA4FB889}" = TOSHIBA Direct Disc Writer

"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3

"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator

"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail

"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zooming Utility

"{645D6B69-6456-442D-94D6-85F0636ED258}" = Badoo Desktop

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel

Link to post
Share on other sites

Hi Matt

Is it possible to remove Speedy Pc from my computer as it keeps running scans daily on its own??? I have gone to program files to delete it and it says it could stop other programmes working properly if i rename or remove thank you Matt

Link to post
Share on other sites

Hi Matt just to let you know i dont use virgin or t mobile broadbands anymore and would like your help in removing them also without it affecting my current vodafone broadband thanks so much :) and can we make donations personally to our helpers or are the donations only for the website?

Link to post
Share on other sites

Hi Alison,

Sorry for the delay, this week is finals week for me.

Yes, I will help you to remove both SpeedyPC and your T-Mobile broadband. Also, it appears you have an old version of AVG which I will help you remove, because you already have avast which is a better AntiVirus.

You can donate directly to me, or since I work for Malwarebytes you can give a donation to us by purchasing the Pro version of Malwarebytes Anti-Malware which will protect your computer in real-time.

Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):

AVG Free 8.5

AVG PC Tuneup 2011

Java

Link to post
Share on other sites

this is what i get when i try to remove t mobile i click report on the error box that comes up and it says this :http://www.installshield.com/isetup/ProErrorCentral.aspx?ErrorCode=-5005%20:%200x80070002&ErrorInfo=>Kernel\KernelMedia.cpp%20(95)>SetupNew\setup.

Link to post
Share on other sites

speedy pc says it uninstalls but its there when i reboot!!! avg pc tune up has been successfully removed as far as i can tell. java 6 update 6 has also been removed. couldnt find anything on avg8.5

Link to post
Share on other sites

Matt please can you guide me to the windows offline download as everytime i download java its being downloaded by SUN MICROSYSTEMS, INC this is the one you dont want me to download right?

Link to post
Share on other sites

it sounds like the hard drive is running faster! before i ran the updated java installation i was having lots of crashing and sticky episodes so cannot really tell yet shall i send another hijack log so u can take a look? also this speedy pc programme is refusing to come off my computer and t mobile wont go either. Just to let you know i inserted a camera card into my computer about a year ago or more and my computer didnt like it and crashed and switched off i couldnt find a virus on the card but saw that virgin was the data card reader , just not sure what that was all about and not sure if my computer is still affected by that card?

Link to post
Share on other sites

ok 2 mins i will be back with it thank you so much for your help and please guide me to where i can make a donation to you personally for wednesday :)

Link to post
Share on other sites

OTL logfile created on: 02/05/2011 18:06:31 - Run 3

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Heather\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1,014.00 Mb Total Physical Memory | 503.00 Mb Available Physical Memory | 50.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 82.00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 111.79 Gb Total Space | 85.88 Gb Free Space | 76.83% Space Free | Partition Type: NTFS

Drive D: | 44.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: ALLEYCAT | User Name: Heather | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Heather\desktop\OTL.exe (OldTimer Tools)

PRC - C:\Documents and Settings\Heather\Local Settings\Application Data\Google\Update\1.3.21.53\GoogleCrashHandler.exe (Google Inc.)

PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)

PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

PRC - C:\Documents and Settings\All Users\Application Data\Badoo\Badoo Desktop\1.3.12.904\Badoo.Desktop.exe (Badoo)

PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)

PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)

PRC - C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)

PRC - C:\Program Files\T-Mobile\Mobile Broadband Manager\UIExec.exe ()

PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)

PRC - C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\agent.exe (Acresso Corporation)

PRC - C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)

PRC - C:\Program Files\Toshiba\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)

PRC - C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA)

PRC - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe (TOSHIBA Corp.)

PRC - C:\Program Files\Virgin Mobile\Broadband Home\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)

PRC - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)

PRC - C:\WINDOWS\system32\acs.exe (Atheros)

PRC - C:\WINDOWS\system32\TODDSrv.exe (TOSHIBA Corporation)

PRC - C:\Program Files\Toshiba\TOSHIBA Direct Disc Writer\DDWMon.exe (TOSHIBA Corporation)

PRC - C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)

PRC - C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Heather\desktop\OTL.exe (OldTimer Tools)

MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (SBAMSvc) -- File not found

SRV - (avg8wd) -- File not found

SRV - (avg8emc) -- File not found

SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

SRV - (VmbService) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)

SRV - (UI Assistant Service) -- C:\Program Files\T-Mobile\Mobile Broadband Manager\AssistantServices.exe ()

SRV - (IAANTMON) Intel® -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)

SRV - (TAPPSRV) -- C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe (TOSHIBA Corp.)

SRV - (TOSHIBA Bluetooth Service) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)

SRV - (ACS) -- C:\WINDOWS\system32\acs.exe (Atheros)

SRV - (TODDSrv) -- C:\WINDOWS\system32\TODDSrv.exe (TOSHIBA Corporation)

SRV - (CFSvcs) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)

========== Driver Services (SafeList) ==========

DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)

DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)

DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)

DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)

DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)

DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)

DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)

DRV - (ZTEusbnet) -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys (ZTE Corporation)

DRV - (ZTEusbvoice) -- C:\WINDOWS\system32\drivers\zteusbvoice.sys (ZTE Incorporated)

DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated)

DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated)

DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)

DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (MBB Incorporated)

DRV - (vodafone_K380x-z_dc_enum) -- C:\WINDOWS\system32\drivers\vodafone_K380x-z_dc_enum.sys (Vodafone)

DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)

DRV - (SBRE) -- C:\WINDOWS\system32\drivers\sbredrv.sys (Sunbelt Software)

DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

DRV - (RSUSBSTOR) -- C:\WINDOWS\system32\drivers\RTS5121.sys (Realtek Semiconductor Corp.)

DRV - (tos_sps32) -- C:\WINDOWS\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)

DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )

DRV - (UVCFTR) -- C:\WINDOWS\system32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)

DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)

DRV - (FwLnk) -- C:\WINDOWS\system32\drivers\FwLnk.sys (TOSHIBA Corporation)

DRV - (tdudf) -- C:\WINDOWS\system32\drivers\tdudf.sys (TOSHIBA Corporation)

DRV - (trudf) -- C:\WINDOWS\system32\drivers\trudf.sys (TOSHIBA Corporation)

DRV - (tosrfec) -- C:\WINDOWS\system32\drivers\tosrfec.sys (TOSHIBA Corporation)

DRV - (tdcmdpst) -- C:\WINDOWS\system32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)

DRV - (Netdevio) -- C:\WINDOWS\system32\drivers\Netdevio.sys (TOSHIBA Corporation.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie'>http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"

FF - prefs.js..browser.search.defaultthis.engineName: "Feboz Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://uk.search.yahoo.com/search?fr=ffsp1&p="

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"

FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"

FF - prefs.js..browser.search.param.yahoo-type: "${8}"

FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://uk.yahoo.com"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: npfax@microgaming.co.uk:2.1.0.19

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1319

FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4daaca17&v=6.103.018.001&i=26&tp=ab&iy=&ychte=us&lng=en-US&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/04/25 21:02:19 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/26 04:57:32 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/18 04:16:10 | 000,000,000 | ---D | M]

[2009/06/30 10:52:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Heather\Application Data\Mozilla\Extensions

[2011/04/19 00:36:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\extensions

[2011/04/19 00:34:21 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

[2011/04/16 13:56:46 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(2)

[2010/09/15 20:53:53 | 000,000,557 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\searchplugins\bing.xml

[2010/02/04 05:06:36 | 000,000,913 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\fxem6dh1.default\searchplugins\conduit.xml

[2011/05/02 17:47:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2010/08/04 15:16:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/10/23 03:33:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2010/12/24 01:39:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011/05/02 17:47:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

File not found (No name found) --

[2011/04/25 21:02:19 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

[2009/06/24 08:39:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

[2011/03/18 18:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll

[2011/05/02 17:46:47 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2009/05/12 17:26:34 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll

[2010/03/08 11:24:04 | 000,103,168 | ---- | M] (Midasplayer Ltd) -- C:\Program Files\Mozilla Firefox\plugins\npmidas.dll

[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/04/22 08:07:12 | 000,432,016 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 www.1000gratisproben.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 www.1001namen.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.10sek.com

O1 - Hosts: 127.0.0.1 www.1-2005-search.com

O1 - Hosts: 127.0.0.1 1-2005-search.com

O1 - Hosts: 127.0.0.1 123fporn.info

O1 - Hosts: 14894 more lines...

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)

O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\Virgin Mobile\Broadband Home\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)

O4 - HKLM..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe ()

O4 - HKLM..\Run: [Google EULA Launcher] C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe (Google)

O4 - HKLM..\Run: [iTSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)

O4 - HKLM..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)

O4 - HKLM..\Run: [NDSTray.exe] File not found

O4 - HKLM..\Run: [smoothView] C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA)

O4 - HKLM..\Run: [uIExec] C:\Program Files\T-Mobile\Mobile Broadband Manager\UIExec.exe ()

O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)

O4 - HKCU..\Run: [badoo Desktop] C:\Documents and Settings\All Users\Application Data\Badoo\Badoo Desktop\1.3.12.904\Badoo.Desktop.exe (Badoo)

O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)

O4 - HKCU..\Run: [Mobile Partner] C:\Program Files\Virgin Mobile\Broadband Home\VIRGIN MOBILE BROADBAND HOME.exe ()

O4 - HKCU..\Run: [search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O9 - Extra Button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - Reg Error: Value error. File not found

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab (BatchDownloader Class)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.205.65.68 10.205.65.68

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008/09/19 07:27:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2010/09/13 23:45:26 | 000,000,120 | R--- | M] () - D:\autorun.inf -- [ CDFS ]

O33 - MountPoints2\{4e1cfec0-1531-11e0-8828-001e338b062b}\Shell - "" = AutoRun

O33 - MountPoints2\{4e1cfec0-1531-11e0-8828-001e338b062b}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{4e1cfec0-1531-11e0-8828-001e338b062b}\Shell\AutoRun\command - "" = D:\AutoRun.exe

O33 - MountPoints2\{9cfd3796-677b-11e0-88c8-002163bf0b3f}\Shell - "" = AutoRun

O33 - MountPoints2\{9cfd3796-677b-11e0-88c8-002163bf0b3f}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{9cfd3796-677b-11e0-88c8-002163bf0b3f}\Shell\AutoRun\command - "" = D:\setup_vmb_lite.exe -- [2010/07/08 12:14:50 | 000,274,432 | R--- | M] (Vodafone)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/02 17:47:06 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2011/05/02 17:47:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2011/05/02 17:47:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2011/05/02 17:47:06 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl

[2011/04/29 01:20:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Badoo

[2011/04/27 17:48:20 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Heather\Desktop\OTL.exe

[2011/04/26 22:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\licenses

[2011/04/26 22:02:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\PCMM2009

[2011/04/26 22:02:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\PCMM2011

[2011/04/26 21:55:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpeedyPC

[2011/04/26 21:55:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC

[2011/04/26 21:55:02 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedyPC

[2011/04/26 21:42:46 | 000,000,000 | ---D | C] -- C:\Drivers

[2011/04/26 05:47:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011/04/26 05:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/04/26 05:46:52 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2011/04/26 04:17:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Start Menu\Programs\HiJackThis

[2011/04/26 04:17:39 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2011/04/25 21:02:41 | 000,307,288 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2011/04/25 21:02:41 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2011/04/25 21:02:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus

[2011/04/25 21:02:37 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2011/04/25 21:02:37 | 000,102,488 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2011/04/25 21:02:37 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2011/04/25 21:02:37 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2011/04/25 21:02:37 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2011/04/25 21:02:37 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2011/04/25 21:02:16 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2011/04/25 21:02:16 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2011/04/25 16:44:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RegWork

[2011/04/25 11:41:49 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software

[2011/04/25 11:41:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

[2011/04/25 11:10:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Heather\Recent

[2011/04/25 11:10:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Start Menu\Programs\Glarysoft

[2011/04/25 11:10:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe

[2011/04/25 05:50:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe(2)

[2011/04/23 21:43:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU

[2011/04/23 21:43:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\AVS4YOU

[2011/04/23 21:43:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Start Menu\Programs\AVS4YOU

[2011/04/23 21:42:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVS4YOU

[2011/04/23 21:42:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia

[2011/04/23 21:42:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel

[2011/04/23 21:38:08 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll

[2011/04/23 21:38:08 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU

[2011/04/23 20:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\My Documents\stereo_files

[2011/04/18 13:47:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy

[2011/04/18 13:46:39 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy

[2011/04/18 13:46:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

[2011/04/18 13:33:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\My Documents\My Google Gadgets

[2011/04/18 04:51:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Start Menu\Programs\Google Chrome

[2011/04/18 04:00:52 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com

[2011/04/18 03:10:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools

[2011/04/17 11:51:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinMaximizer

[2011/04/17 10:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\ErrorExpert

[2011/04/16 14:16:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Vodafone

[2011/04/16 14:16:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Vodafone

[2011/04/16 14:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone

[2011/04/16 14:01:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\FLEXnet

[2011/04/16 14:00:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet

[2011/04/16 14:00:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Local Settings\Application Data\{F3E8BCCE-24B6-4737-920E-0D6073630E2A}

[2011/04/16 13:58:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang

[2011/04/16 13:58:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\AVG

[2011/04/16 13:58:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC Tuneup 2011

[2011/04/16 13:53:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\T-Mobile Mobile Broadband Manager

[2011/04/16 05:21:18 | 000,000,000 | ---D | C] -- C:\Program Files\Camera Assistant Software for Gateway

[2011/04/16 05:16:54 | 000,000,000 | ---D | C] -- C:\cabs

[2011/04/15 22:39:13 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll

[2011/04/15 22:39:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll

[2011/04/15 22:39:12 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll

[2011/04/15 22:39:11 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll

[2011/04/15 22:39:11 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll

[2011/04/15 22:39:11 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll

[2011/04/15 22:39:09 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll

[2011/04/15 22:39:08 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe

[2011/04/15 22:39:05 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl

[2011/04/15 17:22:38 | 000,114,688 | R--- | C] (ZTE Corporation) -- C:\WINDOWS\System32\drivers\ZTEusbnet.sys

[2011/04/15 17:22:29 | 000,105,856 | R--- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zteusbvoice.sys

[2011/04/15 17:22:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Heather\Application Data\Vodafone

[2011/04/15 17:21:39 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll

[2008/09/19 08:26:21 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/02 18:02:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2577866921-869302320-1379617784-1007UA.job

[2011/05/02 18:00:00 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job

[2011/05/02 17:48:48 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\AWC AutoSweep.job

[2011/05/02 17:48:48 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\WinMaximizer-Heather-Startup.job

[2011/05/02 17:48:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/05/02 17:48:16 | 1063,202,816 | -HS- | M] () -- C:\hiberfil.sys

[2011/05/02 17:46:46 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2011/05/02 17:46:46 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2011/05/02 17:46:46 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2011/05/02 17:46:46 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl

[2011/05/02 17:46:45 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll

[2011/05/02 17:00:02 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\SpeedyPC Program Check.job

[2011/05/02 00:33:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job

[2011/05/01 20:02:02 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2577866921-869302320-1379617784-1007Core.job

[2011/05/01 04:33:54 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\SpeedyPC.job

[2011/04/30 20:00:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\Registry Winner Schedule.job

[2011/04/27 17:48:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Heather\Desktop\OTL.exe

[2011/04/27 03:13:11 | 000,002,451 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\HiJackThis.lnk

[2011/04/26 05:47:02 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/04/26 01:15:33 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk

[2011/04/25 21:02:42 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk

[2011/04/25 21:02:37 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2011/04/25 17:08:02 | 000,000,318 | ---- | M] () -- C:\WINDOWS\tasks\Regwork.job

[2011/04/24 17:24:29 | 000,063,202 | ---- | M] () -- C:\Documents and Settings\Heather\My Documents\cc_20110424_172409.reg

[2011/04/23 21:55:04 | 000,029,566 | ---- | M] () -- C:\Documents and Settings\Heather\My Documents\$(KGrHqMOKpwE1rGE0vihBNry+g)Qbg~~_12.JPG

[2011/04/23 21:43:33 | 000,000,946 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\AVS4YOU Software Navigator.lnk

[2011/04/23 21:42:49 | 000,000,890 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\AVS Image Converter.lnk

[2011/04/23 20:59:52 | 000,003,680 | ---- | M] () -- C:\Documents and Settings\Heather\My Documents\stereo.htm

[2011/04/22 08:07:12 | 000,432,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2011/04/22 04:24:43 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\Update Checker.lnk

[2011/04/21 21:51:27 | 000,432,016 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110422-080712.backup

[2011/04/20 19:41:47 | 000,431,550 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110421-215127.backup

[2011/04/19 18:00:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Pareto UNS.job

[2011/04/19 02:43:23 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk

[2011/04/19 02:43:23 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk

[2011/04/19 00:40:34 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/04/18 18:25:12 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2011/04/18 18:25:10 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2011/04/18 18:17:46 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2011/04/18 18:17:34 | 000,307,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2011/04/18 18:16:18 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2011/04/18 18:16:06 | 000,102,488 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2011/04/18 18:16:02 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2011/04/18 18:13:21 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2011/04/18 18:13:02 | 000,030,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2011/04/18 18:12:58 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2011/04/18 14:44:27 | 000,006,666 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110418-144428.backup

[2011/04/18 13:47:20 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk

[2011/04/18 13:47:19 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Heather\Desktop\Spybot - Search & Destroy.lnk

[2011/04/18 04:51:18 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2011/04/18 04:16:25 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2011/04/18 04:16:25 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

[2011/04/18 03:16:06 | 000,618,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB

[2011/04/16 14:16:11 | 000,001,982 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SMS.lnk

[2011/04/16 14:16:11 | 000,001,911 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Vodafone Mobile Broadband.lnk

[2011/04/16 14:05:18 | 000,243,128 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011/04/16 13:14:43 | 000,006,921 | ---- | M] () -- C:\NetworkCfg.xml

[2011/04/16 09:33:49 | 000,546,012 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/04/16 09:33:49 | 000,110,678 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/04/15 17:21:44 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_vodafone_K380x-z_dc_enum_01009.Wdf

[2011/04/15 17:21:43 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/26 21:55:13 | 000,000,402 | ---- | C] () -- C:\WINDOWS\tasks\SpeedyPC Program Check.job

[2011/04/26 21:55:12 | 000,000,386 | ---- | C] () -- C:\WINDOWS\tasks\SpeedyPC.job

[2011/04/26 05:47:02 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/04/26 04:17:41 | 000,002,451 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\HiJackThis.lnk

[2011/04/25 21:02:42 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk

[2011/04/25 16:44:59 | 000,000,318 | ---- | C] () -- C:\WINDOWS\tasks\Regwork.job

[2011/04/24 17:24:15 | 000,063,202 | ---- | C] () -- C:\Documents and Settings\Heather\My Documents\cc_20110424_172409.reg

[2011/04/23 21:43:33 | 000,000,946 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\AVS4YOU Software Navigator.lnk

[2011/04/23 21:42:49 | 000,000,890 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\AVS Image Converter.lnk

[2011/04/23 20:59:52 | 000,029,566 | ---- | C] () -- C:\Documents and Settings\Heather\My Documents\$(KGrHqMOKpwE1rGE0vihBNry+g)Qbg~~_12.JPG

[2011/04/23 20:59:51 | 000,003,680 | ---- | C] () -- C:\Documents and Settings\Heather\My Documents\stereo.htm

[2011/04/19 02:43:23 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk

[2011/04/18 13:47:19 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk

[2011/04/18 13:47:19 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\Spybot - Search & Destroy.lnk

[2011/04/18 04:51:18 | 000,002,278 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2011/04/18 04:16:25 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk

[2011/04/18 04:11:15 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk

[2011/04/18 04:11:14 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk

[2011/04/18 04:00:54 | 000,001,638 | ---- | C] () -- C:\Documents and Settings\Heather\Start Menu\Programs\Update Checker.lnk

[2011/04/18 04:00:53 | 000,001,632 | ---- | C] () -- C:\Documents and Settings\Heather\Desktop\Update Checker.lnk

[2011/04/18 03:15:38 | 000,618,686 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB

[2011/04/17 11:52:11 | 000,000,312 | ---- | C] () -- C:\WINDOWS\tasks\WinMaximizer-Heather-Startup.job

[2011/04/16 14:16:11 | 000,001,982 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SMS.lnk

[2011/04/16 14:16:11 | 000,001,911 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Vodafone Mobile Broadband.lnk

[2011/04/15 17:21:44 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_vodafone_K380x-z_dc_enum_01009.Wdf

[2011/04/15 17:21:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf

[2011/03/12 15:49:50 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll

[2011/01/10 18:26:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat

[2010/08/11 11:43:50 | 000,159,464 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceManager.xml.rc4

[2010/08/04 21:31:03 | 000,000,156 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\wklnhst.dat

[2010/06/10 11:19:57 | 000,000,022 | ---- | C] () -- C:\WINDOWS\popcinfot.dat

[2010/03/21 10:50:34 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\Heather\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/12/01 00:19:15 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Heather\Application Data\Launch Internet Explorer Browser.lnk

[2009/10/19 03:14:13 | 000,002,301 | ---- | C] () -- C:\WINDOWS\mozver.dat

[2009/09/14 23:33:33 | 011,551,264 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2009/09/14 23:33:33 | 000,137,248 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat

[2009/09/14 21:45:39 | 000,048,492 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2009/05/14 01:30:54 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2009/04/21 03:50:35 | 000,032,608 | ---- | C] () -- C:\WINDOWS\king-uninstall.exe

[2009/04/17 17:45:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2008/09/19 09:16:16 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2008/09/19 08:57:08 | 000,000,563 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini

[2008/09/19 08:26:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI

[2008/09/19 08:21:11 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2008/09/19 08:20:28 | 000,243,128 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2008/09/19 08:10:02 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll

[2008/09/19 07:52:08 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll

[2008/09/19 07:51:47 | 000,159,744 | ---- | C] () -- C:\WINDOWS\MakeMrk.exe

[2008/09/19 07:51:47 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2008/09/19 07:30:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2008/09/19 07:25:57 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2008/09/19 06:15:15 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2008/09/19 06:15:14 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2008/09/19 06:15:14 | 000,546,012 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2008/09/19 06:15:14 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2008/09/19 06:15:14 | 000,110,678 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2008/09/19 06:15:14 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2008/09/19 06:15:14 | 000,004,631 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2008/09/19 06:15:14 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2008/09/19 06:15:13 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2008/09/19 06:15:13 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2008/09/19 06:15:09 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2008/09/19 06:15:09 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

[2007/12/21 16:46:32 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll

[2005/07/22 21:30:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll

========== LOP Check ==========

[2011/04/16 13:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\AVG

[2010/12/18 00:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\AVG10

[2010/04/16 22:43:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1

[2010/08/02 15:13:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\DriverCure

[2011/04/17 10:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\ErrorExpert

[2011/04/18 03:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\GlarySoft

[2009/12/27 12:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\IObit

[2011/04/26 22:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\licenses

[2010/04/18 23:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Mysteryville2

[2010/08/03 02:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\ParetoLogic

[2011/04/26 22:04:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\PCMM2009

[2011/04/26 22:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\PCMM2011

[2010/08/04 21:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Template

[2010/09/29 14:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Toshiba

[2011/02/17 04:21:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Uniblue

[2011/04/15 17:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Heather\Application Data\Vodafone

[2011/04/25 21:02:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

[2011/04/25 11:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10

[2009/11/27 05:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9

[2011/04/29 01:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Badoo

[2009/09/14 18:47:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cached Installations

[2010/12/18 00:46:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2009/09/14 22:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations

[2010/09/10 17:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure

[2010/08/02 04:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner

[2010/02/24 02:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit

[2011/04/25 11:30:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2010/10/13 18:52:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic

[2009/09/14 22:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic Anti-Spyware

[2009/09/14 23:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic Anti-Virus PLUS

[2009/11/19 02:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters

[2010/08/01 18:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop

[2010/05/01 19:35:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games

[2011/04/25 16:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegWork

[2011/04/26 21:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC

[2011/04/18 03:45:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2008/09/25 09:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TOSHIBA

[2011/04/16 14:16:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vodafone

[2011/04/17 11:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinMaximizer

[2008/09/25 09:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}

[2010/08/02 04:30:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}

[2009/04/21 10:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

[2011/05/02 17:48:48 | 000,000,378 | ---- | M] () -- C:\WINDOWS\Tasks\AWC AutoSweep.job

[2011/04/19 18:00:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\Tasks\Pareto UNS.job

[2011/05/02 18:00:00 | 000,000,444 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job

[2011/05/02 00:33:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version2.job

[2011/04/30 20:00:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\Registry Winner Schedule.job

[2011/04/25 17:08:02 | 000,000,318 | ---- | M] () -- C:\WINDOWS\Tasks\Regwork.job

[2011/05/02 17:00:02 | 000,000,402 | ---- | M] () -- C:\WINDOWS\Tasks\SpeedyPC Program Check.job

[2011/05/01 04:33:54 | 000,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\SpeedyPC.job

[2009/04/27 02:42:33 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\System Restore.job

[2011/05/02 17:48:48 | 000,000,312 | ---- | M] () -- C:\WINDOWS\Tasks\WinMaximizer-Heather-Startup.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\wupdmgr.exe:SummaryInformation

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84

@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >

OTL Extras logfile created on: 02/05/2011 18:06:31 - Run 3

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Heather\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1,014.00 Mb Total Physical Memory | 503.00 Mb Available Physical Memory | 50.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 82.00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 111.79 Gb Total Space | 85.88 Gb Free Space | 76.83% Space Free | Partition Type: NTFS

Drive D: | 44.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: ALLEYCAT | User Name: Heather | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Toshiba\ConfigFree\NDSTray.exe" = C:\Program Files\Toshiba\ConfigFree\NDSTray.exe:*:Enabled:ConfigFree Tray -- (TOSHIBA CORPORATION)

"C:\Program Files\Toshiba\ConfigFree\CFXFER.exe" = C:\Program Files\Toshiba\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine -- (TOSHIBA CORPORATION)

"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)

"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger

"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack

"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour

"{117CD9C0-0F15-4633-93D7-F957B50535A5}" = Popup Blocker (Windows Live Toolbar)

"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works

"{16E8BF9A-B419-4A44-A020-30F8CFB84B9D}" = Atheros Client Utility

"{1707BF02-0F5C-4A6C-8F17-053BB73E443F}" = Tabbed Browsing (Windows Live Toolbar)

"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer

"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java 6 Update 25

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3560CE5A-C4EF-4DB0-9ECC-BA035FE309C5}" = MSN Toolbar

"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba

"{38024121-D084-4E7D-B1A2-1A04CB5C4CF3}" = Windows Live Toolbar Feed Detector (Windows Live Toolbar)

"{400830CA-F056-4BBE-80A3-9DF9CA4FB889}" = TOSHIBA Direct Disc Writer

"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3

"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator

"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail

"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zooming Utility

"{645D6B69-6456-442D-94D6-85F0636ED258}" = Badoo Desktop

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.