
Solved Computer runs very slow. Feel there may be possible malware

Discussion in 'Malware and Virus Removal Archive' started by lmsj2010, 2010/08/04.

  1. 2010/08/04
    lmsj2010

    lmsj2010 Inactive Thread Starter


    Hello. My computer seems to be running very slow. I have had virus problems in the past (Google redirect). In addition, I get the following message on startup:
    "Error Loading c:\windows\ohazogazinufew.dll The specified mode could not be found"? Here are my DDS logs. Thanks in advance for your help.


    DDS (Ver_10-03-17.01) - NTFSx86
    Run by Mel Broad at 10:19:54.75 on Wed 08/04/2010
    Internet Explorer: 7.0.5730.13
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.147 [GMT -4:00]

    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    ============== Running Processes ===============

    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
    C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
    C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\ATnotes\ATnotes.exe
    C:\Documents and Settings\Mel Broad\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.espn.com/
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Settings,ProxyOverride = <local>
    uInternet Settings,ProxyServer = http=127.0.0.1:5643
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
    TB: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall
    mRun: [igfxtray] c:\windows\system32\igfxtray.exe
    mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
    mRun: [igfxpers] c:\windows\system32\igfxpers.exe
    mRun: [AcronisTimounterMonitor] c:\program files\seagate\discwizard\TimounterMonitor.exe
    mRun: [Seagate Scheduler2 Service] "c:\program files\common files\seagate\schedule2\schedhlp.exe "
    mRun: [mxomssmenu] "c:\program files\maxtor\onetouch status\maxmenumgr.exe "
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    mRun: [BlackBerryAutoUpdate] c:\program files\common files\research in motion\auto update\RIMAutoUpdate.exe /background
    mRun: [Vlecihikicilu] rundll32.exe "c:\windows\ohazogazinufew.dll ",Startup
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Resource.dll/RC_AddToList.html
    IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Resource.dll/RC_HSPrint.html
    IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Resource.dll/RC_Preview.html
    IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Resource.dll/RC_Print.html
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www.snapfish.com/SnapfishActivia.cab
    DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} - hxxp://picture.vzw.com/activex/VerizonWirelessUploadControl.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
    Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
    Notify: avgrsstarter - avgrsstx.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    LSA: Authentication Packages = msv1_0 relog_ap

    ============= SERVICES / DRIVERS ===============

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-10-15 335240]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-10-15 27784]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-10-15 108552]
    R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2010-3-17 93872]
    R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-7-5 908056]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-10-15 297752]
    R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    R2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files\common files\seagate\schedule2\schedul2.exe [2008-6-24 431384]

    =============== Created Last 30 ================

    2010-07-21 23:26:49 72080 ----a-w- c:\documents and settings\mel broad\g2mdlhlpx.exe
    2010-07-14 09:51:48 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
    2010-07-13 02:27:26 120 ----a-w- c:\windows\Tvuje.dat
    2010-07-13 02:27:26 0 ----a-w- c:\windows\Pqakujaneca.bin

    ==================== Find3M ====================

    2010-07-27 06:30:35 8462336 ------w- c:\windows\system32\dllcache\shell32.dll
    2010-07-17 09:00:04 423656 ----a-w- c:\windows\system32\deployJava1.dll
    2010-05-10 03:17:27 256 ----a-w- c:\documents and settings\mel broad\pool.bin
    2006-03-10 03:56:54 5852 --sha-w- c:\windows\system32\KGyGaAvL.sys
    2008-08-20 07:06:59 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008082020080821\index.dat

    ============= FINISH: 10:21:13.87 ===============



    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-03-17.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 3/8/2006 5:12:20 PM
    System Uptime: 8/4/2010 6:25:30 AM (4 hours ago)

    Motherboard: Dell Inc. | | 0WG261
    Processor: Intel(R) Pentium(R) 4 CPU 3.20GHz | Microprocessor | 3192/800mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 228 GiB total, 70.423 GiB free.
    D: is CDROM ()
    E: is CDROM ()
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable
    J: is FIXED (NTFS) - 190 GiB total, 44.804 GiB free.

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    No restore point in system.

    ==== Installed Programs ======================

    µTorrent
    Adobe Acrobat - Reader 6.0.2 Update
    Adobe Flash Player 10 ActiveX
    Adobe Reader 6.0.1
    AOLIcon
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ATI Control Panel
    ATI Display Driver
    ATnotes Version 9.5
    AutoUpdate
    AVG 8.5
    Banctec Service Agreement
    BlackBerry Desktop Software 5.0.1
    BlackBerry® Media Sync
    Bonjour
    Canon Camera Access Library
    Canon Camera Support Core Library
    Canon G.726 WMP-Decoder
    Canon iP1800 series
    Canon iP1800 series User Registration
    Canon MovieEdit Task for ZoomBrowser EX
    Canon My Printer
    Canon PhotoRecord
    Canon PIXMA iP3000
    Canon RAW Image Task for ZoomBrowser EX
    Canon Utilities CameraWindow
    Canon Utilities CameraWindow DC
    Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
    Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
    Canon Utilities Easy-LayoutPrint
    Canon Utilities Easy-PhotoPrint
    Canon Utilities EOS Utility
    Canon Utilities MyCamera
    Canon Utilities MyCamera DC
    Canon Utilities PhotoStitch
    Canon Utilities RemoteCapture DC
    Canon Utilities RemoteCapture Task for ZoomBrowser EX
    Canon Utilities ZoomBrowser EX
    Canon ZoomBrowser EX Memory Card Utility
    CCleaner (remove only)
    Conexant D850 56K V.9x DFVc Modem
    Critical Update for Windows Media Player 11 (KB959772)
    dBpoweramp Music Converter
    dBpoweramp Shorten Codec
    Dell Digital Jukebox Driver
    Dell Driver Reset Tool
    Dell System Restore
    Digital Content Portal
    Digital Line Detect
    DivX Codec
    DivX Converter
    DivX Player
    DivX Web Player
    Easy-WebPrint
    ELIcon
    ESPNMotion
    GemMaster Mystic
    Google
    GoToMeeting 4.5.0.457
    GTOneCare
    High Definition Audio Driver Package - KB835221
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    HPCarePackCore
    HPCarePackProducts
    HPSSupply
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) PRO Network Connections Drivers
    Intel(R) PROSet for Wired Connections
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 21
    Malwarebytes' Anti-Malware
    Maxtor Manager
    MCU
    Microsoft .NET Framework 1.0 Hotfix (KB953295)
    Microsoft .NET Framework 1.0 Hotfix (KB979904)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Basic Edition 2003
    Microsoft Office PowerPoint Viewer 2003
    Microsoft Plus! Digital Media Edition Installer
    Microsoft Plus! Photo Story 2 LE
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Works 4.5
    Microsoft Works Setup Launcher
    Modem Helper
    MrvlUsgTracking
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Musicmatch for Windows Media Player
    Network Magic
    Nikon View 6
    PowerDVD 5.5
    Pure Networks Platform
    QuickTime
    Seagate*DiscWizard
    SeaTools for Windows
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Internet Explorer 7 (KB976325)
    Security Update for Windows Internet Explorer 7 (KB978207)
    Security Update for Windows Internet Explorer 7 (KB982381)
    Security Update for Windows Media Encoder (KB954156)
    Security Update for Windows Media Encoder (KB979332)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB981349)
    Smart Defrag 1.20
    Sonic Encoders
    Sophos Anti-Rootkit 1.5.0
    Spybot - Search & Destroy
    Spybot - Search & Destroy 1.4
    Turbo Lister 2
    TweakNow RegCleaner
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 7 (KB976749)
    Update for Windows Internet Explorer 7 (KB980182)
    Update for Windows Media Player 10 (KB910393)
    Update for Windows Media Player 10 (KB913800)
    Update for Windows Media Player 10 (KB926251)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    URL Assistant
    USB Storage Adapter FX (MXO)
    Viewpoint Media Player
    WebEx Support Manager for Internet Explorer
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Live OneCare safety scanner
    Windows Media Encoder 9 Series
    Windows Media Format 11 runtime
    Windows Media Player 10
    Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
    Windows Media Player 11
    Windows XP Media Center Edition 2005 KB908246
    Windows XP Media Center Edition 2005 KB925766
    Windows XP Media Center Edition 2005 KB973768
    Windows XP Service Pack 3
    WinRAR archiver

    ==== End Of File ===========================
     
  2. 2010/08/04
    Admin.

    Admin. Administrator Administrator Staff

    I see you have P2P software (Azureus, LimeWire, BitTorrent, uTorrent, etc.) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

    Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares and their infections.

    References for the risk of these programs are here, and here.

    I would strongly recommend that you uninstall them, and read the links above for educational value!

    Note: Please be advised that continued use of these programs, after being warned of the danger of infections from them, may result in the discontinued help of future cleaning of your system here at WindowsBBS Malware and Virus removal.

    A Malware expert will have a look at your log in due course.
     

  4. 2010/08/04
    crunchie

    crunchie Inactive

    Download Malwarebytes' Anti-Malware (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html) to your desktop.

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure to checkmark the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Download the update from here if you have problems.
    * Once the program has loaded, select Perform full scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

    Make sure that you restart the computer.

    =========

    Download OTL to your Desktop.

    * Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
    * Under the Custom Scan box paste this in:


    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT


    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    * When the scan completes, it will open two Notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    * Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  5. 2010/08/04
    lmsj2010

    lmsj2010 Inactive Thread Starter

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4390

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 7.0.5730.13

    8/4/2010 10:45:21 PM
    mbam-log-2010-08-04 (22-45-21).txt

    Scan type: Full scan (C:\|J:\|)
    Objects scanned: 304016
    Time elapsed: 3 hour(s), 7 minute(s), 40 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    OTL scan to follow. Thanks!
     
  6. 2010/08/04
    crunchie

    crunchie Inactive

    How you going with it?
     
  7. 2010/08/05
    lmsj2010

    lmsj2010 Inactive Thread Starter

    OTL logfile created on: 8/4/2010 11:31:47 PM - Run 1
    OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Mel Broad\Desktop
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    510.00 Mb Total Physical Memory | 172.00 Mb Available Physical Memory | 34.00% Memory free
    1.00 Gb Paging File | 1.00 Gb Available in Paging File | 54.00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 228.13 Gb Total Space | 70.32 Gb Free Space | 30.83% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive J: | 189.92 Gb Total Space | 44.80 Gb Free Space | 23.59% Space Free | Partition Type: NTFS

    Computer Name: D8JWMJ91
    Current User Name: Mel Broad
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/08/04 23:29:18 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mel Broad\Desktop\OTL.exe
    PRC - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2009/11/19 22:29:16 | 000,623,960 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
    PRC - [2009/08/30 23:08:30 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
    PRC - [2009/08/30 23:08:20 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
    PRC - [2009/08/30 23:07:55 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
    PRC - [2009/08/30 23:07:35 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
    PRC - [2009/08/30 23:05:44 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
    PRC - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    PRC - [2008/07/21 17:16:06 | 000,169,312 | ---- | M] (Maxtor Corporation) -- C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
    PRC - [2008/07/21 17:15:14 | 000,193,888 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Maxtor\Sync\SyncServices.exe
    PRC - [2008/06/24 20:06:22 | 000,904,768 | ---- | M] (Acronis) -- C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
    PRC - [2008/06/24 19:56:52 | 000,136,472 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
    PRC - [2008/06/24 19:56:38 | 000,431,384 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
    PRC - [2008/04/28 07:14:00 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
    PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
    PRC - [2005/01/05 16:45:36 | 001,015,808 | ---- | M] (Thomas Ascher) -- C:\Program Files\ATnotes\ATnotes.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/08/04 23:29:18 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mel Broad\Desktop\OTL.exe
    MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
    SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2009/08/30 23:07:35 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
    SRV - [2009/08/30 23:05:44 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
    SRV - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
    SRV - [2008/07/21 17:15:14 | 000,193,888 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service)
    SRV - [2008/06/24 19:56:38 | 000,431,384 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
    SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Combo-Fix\catchme.sys -- (catchme)
    DRV - [2009/08/30 23:08:25 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
    DRV - [2009/08/30 23:08:23 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
    DRV - [2009/08/15 10:15:10 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
    DRV - [2009/08/15 10:15:10 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
    DRV - [2009/08/15 10:15:03 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
    DRV - [2009/08/15 10:14:52 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
    DRV - [2009/08/05 15:58:40 | 000,093,872 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
    DRV - [2009/07/07 14:48:44 | 000,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
    DRV - [2009/07/07 14:48:44 | 000,025,392 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
    DRV - [2009/05/02 09:45:16 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
    DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
    DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
    DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
    DRV - [2007/05/03 13:37:08 | 000,022,152 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD)
    DRV - [2005/11/16 22:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
    DRV - [2005/08/04 05:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
    DRV - [2003/11/17 22:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
    DRV - [2003/11/17 22:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2003/11/17 22:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
    DRV - [2003/10/10 05:23:48 | 000,032,640 | ---- | M] (Cypress Semiconductor) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MXOFX.SYS -- (MXOFX) USB Storage Adapter FX (MXO)
    DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
    DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
    DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
    DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
    DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
    DRV - [2001/08/17 14:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
    DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
    DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
    DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
    DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
    DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
    DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
    DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
    DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
    DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
    DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en&client=dell

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.espn.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5643

    FF - HKLM\software\mozilla\Firefox\Extensions\\{8FE38891-27A0-4D48-9ABC-0ED79A2A74D9}: C:\Documents and Settings\Mel Broad\Local Settings\Application Data\{8FE38891-27A0-4D48-9ABC-0ED79A2A74D9} [2010/07/12 22:27:23 | 000,000,000 | ---D | M]


    O1 HOSTS File: ([2010/04/20 22:21:55 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No CLSID value found.
    O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe (Acronis)
    O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
    O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
    O4 - HKLM..\Run: [mxomssmenu] C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation)
    O4 - HKLM..\Run: [Seagate Scheduler2 Service] C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
    O4 - HKLM..\Run: [Vlecihikicilu] C:\WINDOWS\ohazogazinufew.DLL File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www.snapfish.com/SnapfishActivia.cab (Snapfish Activia)
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab (Windows Live Safety Center Base Module)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
    O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab (Verizon Wireless Media Upload)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.129 167.206.245.130
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\Mel Broad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mel Broad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2010/04/20 23:43:37 | 000,000,059 | ---- | M] () - J:\autorun.inf -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found

    CREATERESTOREPOINT
    Error starting restore point: System Restore is disabled.
    Error closing restore point: System Restore is disabled.

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/08/04 23:29:15 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mel Broad\Desktop\OTL.exe
    [2010/08/04 09:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2010/08/03 23:57:33 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mel Broad\Recent
    [2010/07/12 22:27:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mel Broad\Local Settings\Application Data\{8FE38891-27A0-4D48-9ABC-0ED79A2A74D9}
    [2010/07/12 22:25:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mel Broad\Local Settings\Application Data\hqtkohwno
    [2010/06/26 11:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mel Broad\Local Settings\Application Data\qdsvnimkr
    [2010/05/09 21:39:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mel Broad\Application Data\Research In Motion
    [2010/05/09 21:24:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
    [2010/05/09 21:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
    [2010/05/09 21:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
    [2010/05/09 21:24:08 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion
    [38 C:\Documents and Settings\Mel Broad\My Documents\*.tmp files -> C:\Documents and Settings\Mel Broad\My Documents\*.tmp -> ]

    ========== Files - Modified Within 90 Days ==========

    [2010/08/04 23:29:18 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mel Broad\Desktop\OTL.exe
    [2010/08/04 23:25:04 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/08/04 23:23:53 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/08/04 23:23:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/08/04 23:23:46 | 534,925,312 | -HS- | M] () -- C:\hiberfil.sys
    [2010/08/04 23:22:25 | 008,912,896 | ---- | M] () -- C:\Documents and Settings\Mel Broad\ntuser.dat
    [2010/08/04 23:22:25 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Mel Broad\ntuser.ini
    [2010/08/04 17:02:42 | 062,936,754 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
    [2010/08/04 09:23:16 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
    [2010/08/04 09:00:21 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2010/08/02 20:54:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/08/01 21:01:00 | 000,223,941 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\Balance2.wks
    [2010/07/25 18:10:32 | 000,018,333 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\Soverign (mbsports44).wks
    [2010/07/21 19:26:50 | 000,072,080 | ---- | M] () -- C:\Documents and Settings\Mel Broad\g2mdlhlpx.exe
    [2010/07/20 22:09:13 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Tvuje.dat
    [2010/07/20 05:35:16 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Pqakujaneca.bin
    [2010/07/14 22:26:56 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\program policy.wps3.wps
    [2010/07/14 22:26:39 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\program policy.wps2.wps
    [2010/07/12 15:39:14 | 000,023,592 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\sovereign.wks
    [2010/07/06 16:54:25 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\Mel Broad\Desktop\Microsoft Office Outlook 2003.lnk
    [2010/06/29 17:11:31 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\throat.doc
    [2010/06/24 16:35:22 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\American Idol contestonts songs top 12.doc
    [2010/06/24 15:57:01 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\American Idol contestonts songs top 11.doc
    [2010/06/24 03:08:40 | 000,507,308 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/06/24 03:08:40 | 000,445,370 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/06/24 03:08:40 | 000,072,576 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/06/23 06:36:52 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Mel Broad\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
    [2010/06/21 23:01:13 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
    [2010/06/15 07:56:41 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\What I like that my dad does.doc
    [2010/06/13 16:43:18 | 000,141,667 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\dadfathersday2010.jpg
    [2010/06/13 16:28:08 | 002,819,419 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\Dad2010.jpg
    [2010/06/13 16:22:59 | 000,119,490 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\elliotfathersday2010.jpg
    [2010/06/12 07:37:32 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\the winner of quiet idol 2010 is jake broad.doc
    [2010/06/12 07:35:44 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet is Mel broad.doc
    [2010/06/11 16:22:52 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet idol 2010 is lisa broad.doc
    [2010/06/11 06:48:32 | 000,136,464 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/06/11 04:45:11 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
    [2010/06/10 19:43:21 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\3 Qustions using spelling words.doc
    [2010/06/09 16:55:21 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet idol 2010 is Jake Broa1.doc
    [2010/06/08 19:11:49 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\All of the words for ABC Order.doc
    [2010/06/08 08:50:02 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\vegie chili.doc
    [2010/06/07 19:22:47 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\8 jazzy sentences.doc
    [2010/06/03 20:46:13 | 004,479,558 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\babaO.mp3
    [2010/06/03 14:35:24 | 170,881,748 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod092608.mp3
    [2010/06/03 14:31:30 | 135,366,921 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod110708.mp3
    [2010/06/03 14:29:30 | 106,386,020 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod122608.mp3
    [2010/06/02 17:01:23 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\8 Words for ABC Order.doc
    [2010/06/01 16:07:43 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\4 Jazzy sentences.doc
    [2010/05/31 19:13:12 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\utensils and work suplises.doc
    [2010/05/28 22:00:25 | 138,135,339 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\dead 8-25-72.mp3
    [2010/05/28 18:48:11 | 000,015,439 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\cutting_shapes.pdf
    [2010/05/25 15:02:12 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\butterfly.doc
    [2010/05/24 15:51:25 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\6 Jazzy sentences.doc
    [2010/05/19 15:39:08 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\10 words for ABC order.doc
    [2010/05/18 15:39:35 | 000,039,936 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\lisa's resume.doc
    [2010/05/17 16:15:53 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\5 Nouns in sentences.doc
    [2010/05/13 15:22:23 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\4 Jazzy senetnces.doc
    [2010/05/09 23:17:27 | 000,000,256 | ---- | M] () -- C:\Documents and Settings\Mel Broad\pool.bin
    [2010/05/09 21:25:19 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
    [2010/05/09 21:14:10 | 271,060,312 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\501_b049_multilanguage.exe
    [38 C:\Documents and Settings\Mel Broad\My Documents\*.tmp files -> C:\Documents and Settings\Mel Broad\My Documents\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/07/21 19:26:49 | 000,072,080 | ---- | C] () -- C:\Documents and Settings\Mel Broad\g2mdlhlpx.exe
    [2010/07/14 22:26:56 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\program policy.wps3.wps
    [2010/07/12 22:48:01 | 534,925,312 | -HS- | C] () -- C:\hiberfil.sys
    [2010/07/12 22:27:26 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Tvuje.dat
    [2010/07/12 22:27:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Pqakujaneca.bin
    [2010/06/29 10:58:35 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\throat.doc
    [2010/06/24 15:57:01 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\American Idol contestonts songs top 11.doc
    [2010/06/24 15:42:27 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\American Idol contestonts songs top 12.doc
    [2010/06/15 07:56:40 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\What I like that my dad does.doc
    [2010/06/13 16:43:17 | 000,141,667 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\dadfathersday2010.jpg
    [2010/06/13 16:28:04 | 002,819,419 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\Dad2010.jpg
    [2010/06/13 16:22:59 | 000,119,490 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\elliotfathersday2010.jpg
    [2010/06/12 07:35:43 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet is Mel broad.doc
    [2010/06/11 16:20:14 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet idol 2010 is lisa broad.doc
    [2010/06/10 19:43:20 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\3 Qustions using spelling words.doc
    [2010/06/09 16:54:41 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet idol 2010 is Jake Broa1.doc
    [2010/06/09 16:47:37 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\the winner of quiet idol 2010 is jake broad.doc
    [2010/06/08 19:11:48 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\All of the words for ABC Order.doc
    [2010/06/07 19:22:46 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\8 jazzy sentences.doc
    [2010/06/07 12:36:14 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\vegie chili.doc
    [2010/06/03 20:46:09 | 004,479,558 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\babaO.mp3
    [2010/06/03 14:33:26 | 170,881,748 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod092608.mp3
    [2010/06/03 14:31:06 | 135,366,921 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod110708.mp3
    [2010/06/03 14:29:10 | 106,386,020 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod122608.mp3
    [2010/06/01 16:07:43 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\4 Jazzy sentences.doc
    [2010/05/31 19:13:11 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\utensils and work suplises.doc
    [2010/05/28 21:59:35 | 138,135,339 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\dead 8-25-72.mp3
    [2010/05/28 18:47:33 | 000,015,439 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\cutting_shapes.pdf
    [2010/05/25 14:56:31 | 000,038,912 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\butterfly.doc
    [2010/05/24 15:51:25 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\6 Jazzy sentences.doc
    [2010/05/17 16:15:52 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\5 Nouns in sentences.doc
    [2010/05/13 15:22:23 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\4 Jazzy senetnces.doc
    [2010/05/11 16:26:24 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\8 Words for ABC Order.doc
    [2010/05/10 20:50:39 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
    [2010/05/09 21:37:22 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\Mel Broad\pool.bin
    [2010/05/09 21:25:18 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
    [2010/05/09 21:13:22 | 271,060,312 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\501_b049_multilanguage.exe
    [2010/04/14 09:06:40 | 000,015,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
    [2008/11/21 17:47:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2008/11/21 17:45:16 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
    [2008/11/21 17:45:16 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
    [2008/11/21 17:44:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
    [2008/06/20 21:50:47 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
    [2007/06/11 14:24:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
    [2007/05/13 19:58:44 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
    [2006/05/25 17:49:07 | 000,000,613 | ---- | C] () -- C:\WINDOWS\wizards.ini
    [2006/03/08 23:43:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
    [2006/03/08 23:41:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
    [2006/03/08 20:02:07 | 000,005,852 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
    [2006/03/08 18:39:42 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2006/02/21 15:24:12 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2006/02/21 15:14:57 | 000,000,361 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2006/02/21 15:11:14 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2006/02/21 14:44:40 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2005/08/16 05:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2005/08/05 15:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

    ========== LOP Check ==========

    [2006/02/21 15:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
    [2007/08/16 19:31:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
    [2005/08/16 21:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
    [2010/04/14 11:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
    [2009/08/15 10:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor
    [2010/05/09 21:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
    [2009/08/15 09:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RetroExp
    [2009/08/15 10:15:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
    [2007/02/02 20:02:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2009/06/24 22:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
    [2010/04/19 21:10:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2009/09/12 11:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2009/05/15 22:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [2009/05/15 22:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\dBpoweramp
    [2009/07/23 15:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\IObit
    [2006/09/11 20:59:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\Leadertech
    [2009/07/23 15:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\MSNInstaller
    [2006/03/08 21:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\Nikon
    [2010/05/09 21:44:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\Research In Motion
    [2006/03/15 12:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\Snapfish
    [2009/10/31 08:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\TweakNow RegCleaner
    [2010/06/24 21:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\uTorrent
    [2007/02/12 10:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\Viewpoint

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.exe >


    < MD5 for: AGP440.SYS >
    [2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
    [2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
    [2008/08/20 00:06:56 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
    [2008/08/20 00:06:56 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
    [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
    [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
    [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
    [2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
    [2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

    < MD5 for: ATAPI.SYS >
    [2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
    [2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
    [2008/08/20 00:06:56 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
    [2008/08/20 00:06:56 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
    [2010/04/14 11:44:19 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
    [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
    [2010/04/14 11:44:19 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
    [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
    [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
    [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
    [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys

    < MD5 for: EVENTLOG.DLL >
    [2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
    [2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
    [2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
    [2004/08/10 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\i386\eventlog.dll
    [2004/08/10 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

    < MD5 for: NETLOGON.DLL >
    [2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
    [2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
    [2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
    [2004/08/10 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
    [2004/08/10 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

    < MD5 for: SCECLI.DLL >
    [2004/08/10 06:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\i386\scecli.dll
    [2004/08/10 06:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
    [2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
    [2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
    [2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [2008/04/13 20:11:51 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll

    < %systemroot%\System32\config\*.sav >
    [2005/08/16 05:27:08 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2005/08/16 05:27:08 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2005/08/16 05:27:08 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 372 bytes -> C:\WINDOWS\System32\drivers\pcppnwtq.sys:changelist
    < End of report >
     
  8. 2010/08/05
    lmsj2010

    OTL Extras logfile created on: 8/4/2010 11:31:48 PM - Run 1
    OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Mel Broad\Desktop
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    510.00 Mb Total Physical Memory | 172.00 Mb Available Physical Memory | 34.00% Memory free
    1.00 Gb Paging File | 1.00 Gb Available in Paging File | 54.00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 228.13 Gb Total Space | 70.32 Gb Free Space | 30.83% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive J: | 189.92 Gb Total Space | 44.80 Gb Free Space | 23.59% Space Free | Partition Type: NTFS

    Computer Name: D8JWMJ91
    Current User Name: Mel Broad
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
    "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
    "C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- File not found

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE" = C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE:*:Enabled:SMLMProxy Module - HP1006MC.EXE -- (Software 2000 Limited)
    "C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
    "C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
    "C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
    "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
    "C:\Documents and Settings\Mel Broad\My Documents\utorrent.exe" = C:\Documents and Settings\Mel Broad\My Documents\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
    "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{02C85EC5-E864-4847-AF55-42730861004C}" = MrvlUsgTracking
    "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
    "{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
    "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP1800_series" = Canon iP1800 series
    "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
    "{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1
    "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
    "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
    "{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
    "{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
    "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
    "{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
    "{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
    "{6446BBD0-CB83-40E1-BEA1-0C147065E2A6}" = Maxtor Manager
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
    "{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}" = BlackBerry® Media Sync
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
    "{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
    "{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
    "{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
    "{7B02BF60-796D-4616-908B-B31A63CFDEFB}" = HPCarePackCore
    "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
    "{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
    "{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}" = WebEx Support Manager for Internet Explorer
    "{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel(R) PROSet for Wired Connections
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
    "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
    "{8B21B9EF-6DBF-4F63-8CC7-9F6A56D1EE8E}" = GTOneCare
    "{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
    "{91130409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
    "{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
    "{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{AAB84E83-C8DF-4752-9DFC-2E2A48EE5E9F}" = Nikon View 6
    "{AC76BA86-0000-0000-0000-6028747ADE01}" = Adobe Acrobat - Reader 6.0.2 Update
    "{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
    "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Seagate*DiscWizard
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
    "{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord
    "{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}" = Google
    "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
    "{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
    "{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
    "{ECA31632-C2AD-4774-A3CA-2813D47E4DD0}" = HPCarePackProducts
    "{FC467B61-F890-4E29-8585-365DAB66F13E}" = Pure Networks Platform
    "12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "ATI Display Driver" = ATI Display Driver
    "ATnotes_is1" = ATnotes Version 9.5
    "AVG8Uninstall" = AVG 8.5
    "BlackBerry_{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1
    "CAL" = Canon Camera Access Library
    "CameraWindowDC" = Canon Utilities CameraWindow DC
    "CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
    "CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
    "CameraWindowLauncher" = Canon Utilities CameraWindow
    "Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
    "Canon iP1800 series User Registration" = Canon iP1800 series User Registration
    "CANONBJ_Deinstall_CNMCP61.DLL" = Canon PIXMA iP3000
    "CanonMyPrinter" = Canon My Printer
    "CCleaner" = CCleaner (remove only)
    "CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
    "CSCLIB" = Canon Camera Support Core Library
    "dBpoweramp Music Converter" = dBpoweramp Music Converter
    "dBpoweramp Shorten Codec" = dBpoweramp Shorten Codec
    "Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
    "Easy-LayoutPrint" = Canon Utilities Easy-LayoutPrint
    "Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
    "Easy-WebPrint" = Easy-WebPrint
    "EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
    "EOS Utility" = Canon Utilities EOS Utility
    "ESPNMotion" = ESPNMotion
    "HijackThis" = HijackThis 2.0.2
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie7" = Windows Internet Explorer 7
    "InstallShield_{6446BBD0-CB83-40E1-BEA1-0C147065E2A6}" = Maxtor Manager
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "MXOFX" = USB Storage Adapter FX (MXO)
    "MyCamera" = Canon Utilities MyCamera
    "MyCameraDC" = Canon Utilities MyCamera DC
    "Network MagicUninstall" = Network Magic
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "PhotoStitch" = Canon Utilities PhotoStitch
    "PROSet" = Intel(R) PRO Network Connections Drivers
    "RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
    "RemoteCaptureDC" = Canon Utilities RemoteCapture DC
    "RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
    "Smart Defrag_is1" = Smart Defrag 1.20
    "Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.0
    "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
    "TweakNow RegCleaner_is1" = TweakNow RegCleaner
    "ViewpointMediaPlayer" = Viewpoint Media Player
    "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
    "Windows Media Encoder 9" = Windows Media Encoder 9 Series
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "WinRAR archiver" = WinRAR archiver
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Works" = Microsoft Works 4.5
    "Works99Setup" = Microsoft Works Setup Launcher
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
    "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "GoToMeeting" = GoToMeeting 4.5.0.457
    "InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
    "uTorrent" = µTorrent

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 7/20/2010 11:12:39 PM | Computer Name = D8JWMJ91 | Source = Bonjour Service | ID = 100
    Description = 396: ERROR: read_msg errno 10054 (An existing connection was forcibly
    closed by the remote host.)

    Error - 7/21/2010 9:43:41 PM | Computer Name = D8JWMJ91 | Source = Application Hang | ID = 1002
    Description = Hanging application iexplore.exe, version 7.0.6000.17055, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 7/22/2010 10:19:44 PM | Computer Name = D8JWMJ91 | Source = Bonjour Service | ID = 100
    Description = 420: ERROR: read_msg errno 10054 (An existing connection was forcibly
    closed by the remote host.)

    Error - 7/25/2010 8:16:58 PM | Computer Name = D8JWMJ91 | Source = Bonjour Service | ID = 100
    Description = 396: ERROR: read_msg errno 10054 (An existing connection was forcibly
    closed by the remote host.)

    Error - 7/26/2010 8:55:14 PM | Computer Name = D8JWMJ91 | Source = Bonjour Service | ID = 100
    Description = 232: ERROR: read_msg errno 10054 (An existing connection was forcibly
    closed by the remote host.)

    Error - 7/29/2010 8:32:06 PM | Computer Name = D8JWMJ91 | Source = Bonjour Service | ID = 100
    Description = 408: ERROR: read_msg errno 10054 (An existing connection was forcibly
    closed by the remote host.)

    Error - 7/31/2010 6:23:53 PM | Computer Name = D8JWMJ91 | Source = Application Hang | ID = 1002
    Description = Hanging application iexplore.exe, version 7.0.6000.17055, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 8/2/2010 9:21:17 PM | Computer Name = D8JWMJ91 | Source = Bonjour Service | ID = 100
    Description = 208: ERROR: read_msg errno 10054 (An existing connection was forcibly
    closed by the remote host.)

    Error - 8/4/2010 9:23:12 AM | Computer Name = D8JWMJ91 | Source = Bonjour Service | ID = 100
    Description = 240: ERROR: read_msg errno 10054 (An existing connection was forcibly
    closed by the remote host.)

    Error - 8/4/2010 11:15:21 PM | Computer Name = D8JWMJ91 | Source = Application Hang | ID = 1002
    Description = Hanging application iexplore.exe, version 7.0.6000.17055, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    [ System Events ]
    Error - 7/12/2010 10:32:10 PM | Computer Name = D8JWMJ91 | Source = Service Control Manager | ID = 7001
    Description = The DNS Client service depends on the TCP/IP Protocol Driver service
    which failed to start because of the following error: %%31

    Error - 7/12/2010 10:32:10 PM | Computer Name = D8JWMJ91 | Source = Service Control Manager | ID = 7001
    Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
    failed to start because of the following error: %%31

    Error - 7/12/2010 10:32:10 PM | Computer Name = D8JWMJ91 | Source = Service Control Manager | ID = 7001
    Description = The Apple Mobile Device service depends on the TCP/IP Protocol Driver
    service which failed to start because of the following error: %%31

    Error - 7/12/2010 10:32:10 PM | Computer Name = D8JWMJ91 | Source = Service Control Manager | ID = 7001
    Description = The Bonjour Service service depends on the TCP/IP Protocol Driver
    service which failed to start because of the following error: %%31

    Error - 7/12/2010 10:32:10 PM | Computer Name = D8JWMJ91 | Source = Service Control Manager | ID = 7001
    Description = The IPSEC Services service depends on the IPSEC driver service which
    failed to start because of the following error: %%31

    Error - 7/12/2010 10:32:10 PM | Computer Name = D8JWMJ91 | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    AFD AvgLdx86 AvgMfx86 AvgTdiX Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip

    Error - 7/12/2010 10:32:25 PM | Computer Name = D8JWMJ91 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1084" attempting to start the service netman with
    arguments " " in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

    Error - 7/12/2010 10:47:03 PM | Computer Name = D8JWMJ91 | Source = DCOM | ID = 10005
    Description = DCOM got error "%1084" attempting to start the service EventSystem
    with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Error - 8/4/2010 11:37:20 PM | Computer Name = D8JWMJ91 | Source = SRService | ID = 104
    Description = The System Restore initialization process failed.

    Error - 8/4/2010 11:37:24 PM | Computer Name = D8JWMJ91 | Source = Service Control Manager | ID = 7023
    Description = The System Restore Service service terminated with the following error:
    %%2


    < End of report >
     
  9. 2010/08/05
    crunchie

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :Files
      
      :OTL
      IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings:  "ProxyServer" = http=127.0.0.1:5643
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No CLSID value found.
      :Commands
      [emptyflash]
      [emptytemp]
      [resethosts]
      [Reboot]
    • Then click the Run Fix button at the top.
    • Let the program run unhindered, reboot the PC when it is done.
    • Post log from this run.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

    ==========

    Please go to Jotti's or to VirusTotal and have this file scanned. Post the results back here.

    C:\WINDOWS\System32\drivers\pcppnwtq.sys
     
  10. 2010/08/05
    lmsj2010

    Thanks for your help. I'll be sure to run the scans later today.
     
  11. 2010/08/05
    crunchie

    I'll be here :)
     
  12. 2010/08/05
    lmsj2010

    All processes killed
    ========== FILES ==========
    ========== OTL ==========
    Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
    HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{71576546-354D-41C9-AAE8-31F2EC22BF0D} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71576546-354D-41C9-AAE8-31F2EC22BF0D}\ not found.
    ========== COMMANDS ==========

    [EMPTYFLASH]

    User: Administrator

    User: All Users

    User: Default User

    User: Lisa Broad

    User: LocalService
    ->Flash cache emptied: 0 bytes

    User: Mel Broad
    ->Flash cache emptied: 4305 bytes

    User: NetworkService
    ->Flash cache emptied: 0 bytes

    User: sam broad
    ->Flash cache emptied: 560 bytes

    Total Flash Files Cleaned = 0.00 mb


    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Lisa Broad
    ->Temp folder emptied: 5010 bytes
    ->Temporary Internet Files folder emptied: 64451 bytes
    ->Java cache emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 0 bytes

    User: Mel Broad
    ->Temp folder emptied: 10228346 bytes
    ->Temporary Internet Files folder emptied: 161270379 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: sam broad
    ->Temp folder emptied: 18026 bytes
    ->Temporary Internet Files folder emptied: 4514607 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 664 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 40755822 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 207.00 mb

    C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    OTL by OldTimer - Version 3.2.9.1 log created on 08052010_152336

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...
     
  13. 2010/08/05
    lmsj2010 Inactive Thread Starter

    OTL logfile created on: 8/5/2010 3:41:13 PM - Run 2
    OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Mel Broad\Desktop
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    510.00 Mb Total Physical Memory | 121.00 Mb Available Physical Memory | 24.00% Memory free
    1.00 Gb Paging File | 1.00 Gb Available in Paging File | 50.00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 228.13 Gb Total Space | 70.48 Gb Free Space | 30.90% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive J: | 189.92 Gb Total Space | 44.44 Gb Free Space | 23.40% Space Free | Partition Type: NTFS

    Computer Name: D8JWMJ91
    Current User Name: Mel Broad
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/08/04 23:29:18 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mel Broad\Desktop\OTL.exe
    PRC - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2009/11/19 22:29:16 | 000,623,960 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
    PRC - [2009/08/30 23:08:30 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
    PRC - [2009/08/30 23:08:20 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
    PRC - [2009/08/30 23:07:55 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
    PRC - [2009/08/30 23:07:35 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
    PRC - [2009/08/30 23:05:44 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
    PRC - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    PRC - [2008/07/21 17:16:06 | 000,169,312 | ---- | M] (Maxtor Corporation) -- C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
    PRC - [2008/07/21 17:15:14 | 000,193,888 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Maxtor\Sync\SyncServices.exe
    PRC - [2008/06/24 20:06:22 | 000,904,768 | ---- | M] (Acronis) -- C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
    PRC - [2008/06/24 19:56:52 | 000,136,472 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
    PRC - [2008/06/24 19:56:38 | 000,431,384 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
    PRC - [2008/04/28 07:14:00 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
    PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
    PRC - [2005/01/05 16:45:36 | 001,015,808 | ---- | M] (Thomas Ascher) -- C:\Program Files\ATnotes\ATnotes.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/08/04 23:29:18 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mel Broad\Desktop\OTL.exe
    MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
    SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2009/08/30 23:07:35 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
    SRV - [2009/08/30 23:05:44 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
    SRV - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
    SRV - [2008/07/21 17:15:14 | 000,193,888 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service)
    SRV - [2008/06/24 19:56:38 | 000,431,384 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
    SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Combo-Fix\catchme.sys -- (catchme)
    DRV - [2009/08/30 23:08:25 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
    DRV - [2009/08/30 23:08:23 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
    DRV - [2009/08/15 10:15:10 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
    DRV - [2009/08/15 10:15:10 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
    DRV - [2009/08/15 10:15:03 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
    DRV - [2009/08/15 10:14:52 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
    DRV - [2009/08/05 15:58:40 | 000,093,872 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
    DRV - [2009/07/07 14:48:44 | 000,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
    DRV - [2009/07/07 14:48:44 | 000,025,392 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
    DRV - [2009/05/02 09:45:16 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
    DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
    DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
    DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
    DRV - [2007/05/03 13:37:08 | 000,022,152 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD)
    DRV - [2005/11/16 22:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
    DRV - [2005/08/04 05:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
    DRV - [2003/11/17 22:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
    DRV - [2003/11/17 22:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2003/11/17 22:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
    DRV - [2003/10/10 05:23:48 | 000,032,640 | ---- | M] (Cypress Semiconductor) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MXOFX.SYS -- (MXOFX) USB Storage Adapter FX (MXO)
    DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
    DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
    DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
    DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
    DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
    DRV - [2001/08/17 14:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
    DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
    DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
    DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
    DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
    DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
    DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
    DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
    DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
    DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
    DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en&client=dell

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.espn.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

    FF - HKLM\software\mozilla\Firefox\Extensions\\{8FE38891-27A0-4D48-9ABC-0ED79A2A74D9}: C:\Documents and Settings\Mel Broad\Local Settings\Application Data\{8FE38891-27A0-4D48-9ABC-0ED79A2A74D9} [2010/07/12 22:27:23 | 000,000,000 | ---D | M]


    O1 HOSTS File: ([2010/08/05 15:25:30 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
    O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe (Acronis)
    O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
    O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
    O4 - HKLM..\Run: [mxomssmenu] C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation)
    O4 - HKLM..\Run: [Seagate Scheduler2 Service] C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
    O4 - HKLM..\Run: [Vlecihikicilu] C:\WINDOWS\ohazogazinufew.DLL File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www.snapfish.com/SnapfishActivia.cab (Snapfish Activia)
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab (Windows Live Safety Center Base Module)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
    O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab (Verizon Wireless Media Upload)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.129 167.206.245.130
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\Mel Broad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mel Broad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2010/04/20 23:43:37 | 000,000,059 | ---- | M] () - J:\autorun.inf -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/08/05 15:23:36 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/08/04 23:29:15 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mel Broad\Desktop\OTL.exe
    [2010/08/04 09:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2010/08/03 23:57:33 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mel Broad\Recent
    [2010/07/12 22:27:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mel Broad\Local Settings\Application Data\{8FE38891-27A0-4D48-9ABC-0ED79A2A74D9}
    [2010/07/12 22:25:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mel Broad\Local Settings\Application Data\hqtkohwno
    [2010/06/26 11:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mel Broad\Local Settings\Application Data\qdsvnimkr
    [2010/05/09 21:39:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mel Broad\Application Data\Research In Motion
    [2010/05/09 21:24:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
    [2010/05/09 21:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
    [2010/05/09 21:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
    [2010/05/09 21:24:08 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion
    [38 C:\Documents and Settings\Mel Broad\My Documents\*.tmp files -> C:\Documents and Settings\Mel Broad\My Documents\*.tmp -> ]

    ========== Files - Modified Within 90 Days ==========

    [2010/08/05 15:34:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/08/05 15:31:58 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/08/05 15:31:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/08/05 15:31:51 | 534,925,312 | -HS- | M] () -- C:\hiberfil.sys
    [2010/08/05 15:30:41 | 008,912,896 | ---- | M] () -- C:\Documents and Settings\Mel Broad\ntuser.dat
    [2010/08/05 15:30:41 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Mel Broad\ntuser.ini
    [2010/08/05 09:56:42 | 062,974,081 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
    [2010/08/04 23:29:18 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mel Broad\Desktop\OTL.exe
    [2010/08/04 09:23:16 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
    [2010/08/04 09:00:21 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2010/08/02 20:54:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/08/01 21:01:00 | 000,223,941 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\Balance2.wks
    [2010/07/25 18:10:32 | 000,018,333 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\Soverign (mbsports44).wks
    [2010/07/21 19:26:50 | 000,072,080 | ---- | M] () -- C:\Documents and Settings\Mel Broad\g2mdlhlpx.exe
    [2010/07/20 22:09:13 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Tvuje.dat
    [2010/07/20 05:35:16 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Pqakujaneca.bin
    [2010/07/14 22:26:56 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\program policy.wps3.wps
    [2010/07/14 22:26:39 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\program policy.wps2.wps
    [2010/07/12 15:39:14 | 000,023,592 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\sovereign.wks
    [2010/07/06 16:54:25 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\Mel Broad\Desktop\Microsoft Office Outlook 2003.lnk
    [2010/06/29 17:11:31 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\throat.doc
    [2010/06/24 16:35:22 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\American Idol contestonts songs top 12.doc
    [2010/06/24 15:57:01 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\American Idol contestonts songs top 11.doc
    [2010/06/24 03:08:40 | 000,507,308 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/06/24 03:08:40 | 000,445,370 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/06/24 03:08:40 | 000,072,576 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/06/23 06:36:52 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Mel Broad\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
    [2010/06/21 23:01:13 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
    [2010/06/15 07:56:41 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\What I like that my dad does.doc
    [2010/06/13 16:43:18 | 000,141,667 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\dadfathersday2010.jpg
    [2010/06/13 16:28:08 | 002,819,419 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\Dad2010.jpg
    [2010/06/13 16:22:59 | 000,119,490 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\elliotfathersday2010.jpg
    [2010/06/12 07:37:32 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\the winner of quiet idol 2010 is jake broad.doc
    [2010/06/12 07:35:44 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet is Mel broad.doc
    [2010/06/11 16:22:52 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet idol 2010 is lisa broad.doc
    [2010/06/11 06:48:32 | 000,136,464 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/06/11 04:45:11 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
    [2010/06/10 19:43:21 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\3 Qustions using spelling words.doc
    [2010/06/09 16:55:21 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet idol 2010 is Jake Broa1.doc
    [2010/06/08 19:11:49 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\All of the words for ABC Order.doc
    [2010/06/08 08:50:02 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\vegie chili.doc
    [2010/06/07 19:22:47 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\8 jazzy sentences.doc
    [2010/06/03 20:46:13 | 004,479,558 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\babaO.mp3
    [2010/06/03 14:35:24 | 170,881,748 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod092608.mp3
    [2010/06/03 14:31:30 | 135,366,921 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod110708.mp3
    [2010/06/03 14:29:30 | 106,386,020 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod122608.mp3
    [2010/06/02 17:01:23 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\8 Words for ABC Order.doc
    [2010/06/01 16:07:43 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\4 Jazzy sentences.doc
    [2010/05/31 19:13:12 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\utensils and work suplises.doc
    [2010/05/28 22:00:25 | 138,135,339 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\dead 8-25-72.mp3
    [2010/05/28 18:48:11 | 000,015,439 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\cutting_shapes.pdf
    [2010/05/25 15:02:12 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\butterfly.doc
    [2010/05/24 15:51:25 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\6 Jazzy sentences.doc
    [2010/05/19 15:39:08 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\10 words for ABC order.doc
    [2010/05/18 15:39:35 | 000,039,936 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\lisa's resume.doc
    [2010/05/17 16:15:53 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\5 Nouns in sentences.doc
    [2010/05/13 15:22:23 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\4 Jazzy senetnces.doc
    [2010/05/09 23:17:27 | 000,000,256 | ---- | M] () -- C:\Documents and Settings\Mel Broad\pool.bin
    [2010/05/09 21:25:19 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
    [2010/05/09 21:14:10 | 271,060,312 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\501_b049_multilanguage.exe
    [38 C:\Documents and Settings\Mel Broad\My Documents\*.tmp files -> C:\Documents and Settings\Mel Broad\My Documents\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/07/21 19:26:49 | 000,072,080 | ---- | C] () -- C:\Documents and Settings\Mel Broad\g2mdlhlpx.exe
    [2010/07/14 22:26:56 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\program policy.wps3.wps
    [2010/07/12 22:48:01 | 534,925,312 | -HS- | C] () -- C:\hiberfil.sys
    [2010/07/12 22:27:26 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Tvuje.dat
    [2010/07/12 22:27:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Pqakujaneca.bin
    [2010/06/29 10:58:35 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\throat.doc
    [2010/06/24 15:57:01 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\American Idol contestonts songs top 11.doc
    [2010/06/24 15:42:27 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\American Idol contestonts songs top 12.doc
    [2010/06/15 07:56:40 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\What I like that my dad does.doc
    [2010/06/13 16:43:17 | 000,141,667 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\dadfathersday2010.jpg
    [2010/06/13 16:28:04 | 002,819,419 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\Dad2010.jpg
    [2010/06/13 16:22:59 | 000,119,490 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\elliotfathersday2010.jpg
    [2010/06/12 07:35:43 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet is Mel broad.doc
    [2010/06/11 16:20:14 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet idol 2010 is lisa broad.doc
    [2010/06/10 19:43:20 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\3 Qustions using spelling words.doc
    [2010/06/09 16:54:41 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet idol 2010 is Jake Broa1.doc
    [2010/06/09 16:47:37 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\the winner of quiet idol 2010 is jake broad.doc
    [2010/06/08 19:11:48 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\All of the words for ABC Order.doc
    [2010/06/07 19:22:46 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\8 jazzy sentences.doc
    [2010/06/07 12:36:14 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\vegie chili.doc
    [2010/06/03 20:46:09 | 004,479,558 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\babaO.mp3
    [2010/06/03 14:33:26 | 170,881,748 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod092608.mp3
    [2010/06/03 14:31:06 | 135,366,921 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod110708.mp3
    [2010/06/03 14:29:10 | 106,386,020 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod122608.mp3
    [2010/06/01 16:07:43 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\4 Jazzy sentences.doc
    [2010/05/31 19:13:11 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\utensils and work suplises.doc
    [2010/05/28 21:59:35 | 138,135,339 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\dead 8-25-72.mp3
    [2010/05/28 18:47:33 | 000,015,439 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\cutting_shapes.pdf
    [2010/05/25 14:56:31 | 000,038,912 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\butterfly.doc
    [2010/05/24 15:51:25 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\6 Jazzy sentences.doc
    [2010/05/17 16:15:52 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\5 Nouns in sentences.doc
    [2010/05/13 15:22:23 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\4 Jazzy senetnces.doc
    [2010/05/11 16:26:24 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\8 Words for ABC Order.doc
    [2010/05/10 20:50:39 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
    [2010/05/09 21:37:22 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\Mel Broad\pool.bin
    [2010/05/09 21:25:18 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
    [2010/05/09 21:13:22 | 271,060,312 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\501_b049_multilanguage.exe
    [2010/04/14 09:06:40 | 000,015,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
    [2008/11/21 17:47:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2008/11/21 17:45:16 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
    [2008/11/21 17:45:16 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
    [2008/11/21 17:44:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
    [2008/06/20 21:50:47 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
    [2007/06/11 14:24:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
    [2007/05/13 19:58:44 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
    [2006/05/25 17:49:07 | 000,000,613 | ---- | C] () -- C:\WINDOWS\wizards.ini
    [2006/03/08 23:43:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
    [2006/03/08 23:41:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
    [2006/03/08 20:02:07 | 000,005,852 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
    [2006/03/08 18:39:42 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2006/02/21 15:24:12 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2006/02/21 15:14:57 | 000,000,361 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2006/02/21 15:11:14 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2006/02/21 14:44:40 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2005/08/16 05:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2005/08/05 15:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

    ========== LOP Check ==========

    [2006/02/21 15:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
    [2007/08/16 19:31:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
    [2005/08/16 21:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
    [2010/04/14 11:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
    [2009/08/15 10:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor
    [2010/05/09 21:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
    [2009/08/15 09:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RetroExp
    [2009/08/15 10:15:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
    [2007/02/02 20:02:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2009/06/24 22:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
    [2010/04/19 21:10:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2009/09/12 11:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2009/05/15 22:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [2009/05/15 22:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\dBpoweramp
    [2009/07/23 15:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\IObit
    [2006/09/11 20:59:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\Leadertech
    [2009/07/23 15:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\MSNInstaller
    [2006/03/08 21:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\Nikon
    [2010/05/09 21:44:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\Research In Motion
    [2006/03/15 12:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\Snapfish
    [2009/10/31 08:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\TweakNow RegCleaner
    [2010/06/24 21:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\uTorrent
    [2007/02/12 10:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\Viewpoint

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 372 bytes -> C:\WINDOWS\System32\drivers\pcppnwtq.sys:changelist
    < End of report >
     
  14. 2010/08/05
    lmsj2010

    Jotti scan


    Filename: pcesbimb.sys
    Status: Scan finished. 0 out of 20 scanners reported malware.
    Scan taken on: Thu 18 Mar 2010 23:08:50 (CET) Permalink
     
  15. 2010/08/05
    lmsj2010

    Additional Jotti scan info

    File size: 30880 bytes
    Filetype: PE32 executable for MS Windows (native) Intel 80386 32-bit
    MD5: f58a27a27e41a1cd35eeb5ffdff95af8
    SHA1: 95c48438cfe9342a9b3061342ff782bbc96b3373
     
  16. 2010/08/05
    crunchie

    How are things with the pc now?
     
  17. 2010/08/05
    lmsj2010

    Hard to tell. Sometimes the pc seems fine. Other times it seems to be very slow. Did you happen to find any problems from the information on the scans?

    Also, I still get the following message on start up.
    "Error Loading c:\windows\ohazogazinufew.dll The specified mode could not be found" ?

    Any ideas if this can be fixed? Thanks for your help.
     
  18. 2010/08/05
    crunchie

    My fault. I missed putting it in the fix.

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O4 - HKLM..\Run: [Vlecihikicilu] C:\WINDOWS\ohazogazinufew.DLL File not found
      
    • Then click the Run Fix button at the top.
    • Let the program run unhindered, reboot the PC when it is done.
    • Post the log from this run.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

    ============

    Please Run the ESET Online Scanner and post the ScanLog with your post for assistance.
    • You will need to use Internet Explorer to complete this scan.
    • You will need to temporarily Disable your current Anti-virus program.
    • Be sure the option to Remove found threats is Un-checked at this time (we may have it clean what it finds at a later time), and the option to Scan unwanted applications is Checked.
    • When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please post that log for us as directed below.

    ============

    Is the error message cleared now after a reboot?
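
An added example, not part of the original posts and not OTL's own code: a Python triage pass over O4 (Run key) lines in the format shown in this thread's logs. It flags values whose target is reported as `File not found`, like the `Vlecihikicilu` value above, so they can be reviewed before a fix is written. The sample log is constructed; the `ExampleNoVendor` line and the expansion of `HKLM..\Run` to a full key path (inferred from the fix log posted in this thread) are assumptions.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample using the O3/O4 line layout seen in this thread's OTL logs.
# The last line is invented to exercise the "empty vendor" case.
SAMPLE_LOG = r"""
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Vlecihikicilu] C:\WINDOWS\ohazogazinufew.DLL File not found
O4 - HKLM..\Run: [mxomssmenu] C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation)
O4 - HKCU..\Run: [ExampleNoVendor] C:\Example\novendor.exe ()
"""

# "O4 - <hive>..\<key>: [<value name>] <target and trailer>"
O4_RE = re.compile(
    r"^O4 - (?P<hive>HK[A-Z]+)\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<rest>.+)$"
)
# Trailer is either "File not found" or "(Vendor)"; the vendor may be empty.
VENDOR_RE = re.compile(r"^(?P<path>.*\S)\s+\((?P<vendor>[^()]*)\)$")
MISSING = "File not found"

# Assumption: ".." abbreviates Software\Microsoft\Windows\CurrentVersion,
# as the fix log in this thread shows for the deleted value.
HIVES = {"HKLM": "HKEY_LOCAL_MACHINE", "HKCU": "HKEY_CURRENT_USER"}


@dataclass
class RunEntry:
    hive: str
    key: str
    name: str
    target: str
    vendor: Optional[str]
    missing: bool


def parse_o4(line: str) -> Optional[RunEntry]:
    """Parse one O4 line; return None for any other line type."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    rest = m.group("rest").strip()
    if rest.endswith(MISSING):
        target = rest[: -len(MISSING)].strip()
        return RunEntry(m["hive"], m["key"], m["name"], target, None, True)
    v = VENDOR_RE.match(rest)
    if v:
        return RunEntry(m["hive"], m["key"], m["name"],
                        v.group("path"), v.group("vendor") or None, False)
    return RunEntry(m["hive"], m["key"], m["name"], rest, None, False)


def registry_key(entry: RunEntry) -> str:
    """Full key path to check by hand (for example with reg query)."""
    hive = HIVES.get(entry.hive, entry.hive)
    return f"{hive}\\Software\\Microsoft\\Windows\\CurrentVersion\\{entry.key}"


def triage(log_text: str) -> List[Tuple[RunEntry, str]]:
    """Return Run entries worth a manual look, each with the reason."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        if entry.missing:
            # The value still exists but its file is gone: the loader
            # reports an error at every logon until the value is removed.
            findings.append((entry, "orphaned value: target file not found"))
        elif entry.vendor is None:
            findings.append((entry, "target has no vendor string"))
    return findings


if __name__ == "__main__":
    for entry, reason in triage(SAMPLE_LOG):
        print(f"{registry_key(entry)}  [{entry.name}] -> {entry.target}")
        print(f"    {reason}")
```

A flagged entry is a prompt for review, not a verdict: legitimate software can ship files without a vendor string, and an orphaned value only shows that the referenced file is no longer on disk.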
     
  19. 2010/08/05
    lmsj2010

    ========== OTL ==========
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Vlecihikicilu deleted successfully.

    OTL by OldTimer - Version 3.2.9.1 log created on 08052010_201531
     
  20. 2010/08/05
    lmsj2010

    OTL logfile created on: 8/5/2010 8:25:07 PM - Run 3
    OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Mel Broad\Desktop
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    510.00 Mb Total Physical Memory | 110.00 Mb Available Physical Memory | 22.00% Memory free
    1.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 228.13 Gb Total Space | 70.40 Gb Free Space | 30.86% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive J: | 189.92 Gb Total Space | 44.44 Gb Free Space | 23.40% Space Free | Partition Type: NTFS

    Computer Name: D8JWMJ91
    Current User Name: Mel Broad
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/08/04 23:29:18 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mel Broad\Desktop\OTL.exe
    PRC - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2009/11/19 22:29:16 | 000,623,960 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
    PRC - [2009/08/30 23:08:30 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
    PRC - [2009/08/30 23:08:20 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
    PRC - [2009/08/30 23:07:55 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
    PRC - [2009/08/30 23:07:35 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
    PRC - [2009/08/30 23:05:44 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
    PRC - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    PRC - [2008/07/21 17:16:06 | 000,169,312 | ---- | M] (Maxtor Corporation) -- C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
    PRC - [2008/07/21 17:15:14 | 000,193,888 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Maxtor\Sync\SyncServices.exe
    PRC - [2008/06/24 20:06:22 | 000,904,768 | ---- | M] (Acronis) -- C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
    PRC - [2008/06/24 19:56:52 | 000,136,472 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
    PRC - [2008/06/24 19:56:38 | 000,431,384 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
    PRC - [2008/04/28 07:14:00 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
    PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/08/04 23:29:18 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mel Broad\Desktop\OTL.exe
    MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
    SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2009/08/30 23:07:35 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
    SRV - [2009/08/30 23:05:44 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
    SRV - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
    SRV - [2008/07/21 17:15:14 | 000,193,888 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service)
    SRV - [2008/06/24 19:56:38 | 000,431,384 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
    SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Combo-Fix\catchme.sys -- (catchme)
    DRV - [2009/08/30 23:08:25 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
    DRV - [2009/08/30 23:08:23 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
    DRV - [2009/08/15 10:15:10 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
    DRV - [2009/08/15 10:15:10 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
    DRV - [2009/08/15 10:15:03 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
    DRV - [2009/08/15 10:14:52 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
    DRV - [2009/08/05 15:58:40 | 000,093,872 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
    DRV - [2009/07/07 14:48:44 | 000,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
    DRV - [2009/07/07 14:48:44 | 000,025,392 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
    DRV - [2009/05/02 09:45:16 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
    DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
    DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
    DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
    DRV - [2007/05/03 13:37:08 | 000,022,152 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD)
    DRV - [2005/11/16 22:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
    DRV - [2005/08/04 05:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
    DRV - [2003/11/17 22:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
    DRV - [2003/11/17 22:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2003/11/17 22:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
    DRV - [2003/10/10 05:23:48 | 000,032,640 | ---- | M] (Cypress Semiconductor) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MXOFX.SYS -- (MXOFX) USB Storage Adapter FX (MXO)
    DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
    DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
    DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
    DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
    DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
    DRV - [2001/08/17 14:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
    DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
    DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
    DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
    DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
    DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
    DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
    DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
    DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
    DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
    DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en&client=dell

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.espn.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

    FF - HKLM\software\mozilla\Firefox\Extensions\\{8FE38891-27A0-4D48-9ABC-0ED79A2A74D9}: C:\Documents and Settings\Mel Broad\Local Settings\Application Data\{8FE38891-27A0-4D48-9ABC-0ED79A2A74D9} [2010/07/12 22:27:23 | 000,000,000 | ---D | M]


    O1 HOSTS File: ([2010/08/05 15:25:30 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
    O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe (Acronis)
    O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
    O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
    O4 - HKLM..\Run: [mxomssmenu] C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation)
    O4 - HKLM..\Run: [Seagate Scheduler2 Service] C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www.snapfish.com/SnapfishActivia.cab (Snapfish Activia)
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab (Windows Live Safety Center Base Module)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
    O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab (Verizon Wireless Media Upload)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.129 167.206.245.130
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\Mel Broad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mel Broad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2010/04/20 23:43:37 | 000,000,059 | ---- | M] () - J:\autorun.inf -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/08/05 15:23:36 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/08/04 23:29:15 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mel Broad\Desktop\OTL.exe
    [2010/08/04 09:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2010/08/03 23:57:33 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mel Broad\Recent
    [2010/07/12 22:27:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mel Broad\Local Settings\Application Data\{8FE38891-27A0-4D48-9ABC-0ED79A2A74D9}
    [2010/07/12 22:25:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mel Broad\Local Settings\Application Data\hqtkohwno
    [2010/06/26 11:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mel Broad\Local Settings\Application Data\qdsvnimkr
    [2010/05/09 21:39:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mel Broad\Application Data\Research In Motion
    [2010/05/09 21:24:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
    [2010/05/09 21:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
    [2010/05/09 21:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
    [2010/05/09 21:24:08 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion
    [38 C:\Documents and Settings\Mel Broad\My Documents\*.tmp files -> C:\Documents and Settings\Mel Broad\My Documents\*.tmp -> ]

    ========== Files - Modified Within 90 Days ==========

    [2010/08/05 20:22:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/08/05 20:19:59 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/08/05 20:19:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/08/05 20:19:51 | 534,925,312 | -HS- | M] () -- C:\hiberfil.sys
    [2010/08/05 20:18:35 | 008,912,896 | ---- | M] () -- C:\Documents and Settings\Mel Broad\ntuser.dat
    [2010/08/05 20:18:35 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Mel Broad\ntuser.ini
    [2010/08/05 18:09:30 | 062,985,912 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
    [2010/08/05 17:01:15 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2010/08/04 23:29:18 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mel Broad\Desktop\OTL.exe
    [2010/08/04 09:23:16 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
    [2010/08/02 20:54:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/08/01 21:01:00 | 000,223,941 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\Balance2.wks
    [2010/07/25 18:10:32 | 000,018,333 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\Soverign (mbsports44).wks
    [2010/07/21 19:26:50 | 000,072,080 | ---- | M] () -- C:\Documents and Settings\Mel Broad\g2mdlhlpx.exe
    [2010/07/20 22:09:13 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Tvuje.dat
    [2010/07/20 05:35:16 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Pqakujaneca.bin
    [2010/07/14 22:26:56 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\program policy.wps3.wps
    [2010/07/14 22:26:39 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\program policy.wps2.wps
    [2010/07/12 15:39:14 | 000,023,592 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\sovereign.wks
    [2010/07/06 16:54:25 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\Mel Broad\Desktop\Microsoft Office Outlook 2003.lnk
    [2010/06/29 17:11:31 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\throat.doc
    [2010/06/24 16:35:22 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\American Idol contestonts songs top 12.doc
    [2010/06/24 15:57:01 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\American Idol contestonts songs top 11.doc
    [2010/06/24 03:08:40 | 000,507,308 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/06/24 03:08:40 | 000,445,370 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/06/24 03:08:40 | 000,072,576 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/06/23 06:36:52 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Mel Broad\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
    [2010/06/21 23:01:13 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
    [2010/06/15 07:56:41 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\What I like that my dad does.doc
    [2010/06/13 16:43:18 | 000,141,667 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\dadfathersday2010.jpg
    [2010/06/13 16:28:08 | 002,819,419 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\Dad2010.jpg
    [2010/06/13 16:22:59 | 000,119,490 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\elliotfathersday2010.jpg
    [2010/06/12 07:37:32 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\the winner of quiet idol 2010 is jake broad.doc
    [2010/06/12 07:35:44 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet is Mel broad.doc
    [2010/06/11 16:22:52 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet idol 2010 is lisa broad.doc
    [2010/06/11 06:48:32 | 000,136,464 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/06/11 04:45:11 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
    [2010/06/10 19:43:21 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\3 Qustions using spelling words.doc
    [2010/06/09 16:55:21 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet idol 2010 is Jake Broa1.doc
    [2010/06/08 19:11:49 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\All of the words for ABC Order.doc
    [2010/06/08 08:50:02 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\vegie chili.doc
    [2010/06/07 19:22:47 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\8 jazzy sentences.doc
    [2010/06/03 20:46:13 | 004,479,558 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\babaO.mp3
    [2010/06/03 14:35:24 | 170,881,748 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod092608.mp3
    [2010/06/03 14:31:30 | 135,366,921 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod110708.mp3
    [2010/06/03 14:29:30 | 106,386,020 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod122608.mp3
    [2010/06/02 17:01:23 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\8 Words for ABC Order.doc
    [2010/06/01 16:07:43 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\4 Jazzy sentences.doc
    [2010/05/31 19:13:12 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\utensils and work suplises.doc
    [2010/05/28 22:00:25 | 138,135,339 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\dead 8-25-72.mp3
    [2010/05/28 18:48:11 | 000,015,439 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\cutting_shapes.pdf
    [2010/05/25 15:02:12 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\butterfly.doc
    [2010/05/24 15:51:25 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\6 Jazzy sentences.doc
    [2010/05/19 15:39:08 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\10 words for ABC order.doc
    [2010/05/18 15:39:35 | 000,039,936 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\lisa's resume.doc
    [2010/05/17 16:15:53 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\5 Nouns in sentences.doc
    [2010/05/13 15:22:23 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\4 Jazzy senetnces.doc
    [2010/05/09 23:17:27 | 000,000,256 | ---- | M] () -- C:\Documents and Settings\Mel Broad\pool.bin
    [2010/05/09 21:25:19 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
    [2010/05/09 21:14:10 | 271,060,312 | ---- | M] () -- C:\Documents and Settings\Mel Broad\My Documents\501_b049_multilanguage.exe
    [38 C:\Documents and Settings\Mel Broad\My Documents\*.tmp files -> C:\Documents and Settings\Mel Broad\My Documents\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/07/21 19:26:49 | 000,072,080 | ---- | C] () -- C:\Documents and Settings\Mel Broad\g2mdlhlpx.exe
    [2010/07/14 22:26:56 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\program policy.wps3.wps
    [2010/07/12 22:48:01 | 534,925,312 | -HS- | C] () -- C:\hiberfil.sys
    [2010/07/12 22:27:26 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Tvuje.dat
    [2010/07/12 22:27:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Pqakujaneca.bin
    [2010/06/29 10:58:35 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\throat.doc
    [2010/06/24 15:57:01 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\American Idol contestonts songs top 11.doc
    [2010/06/24 15:42:27 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\American Idol contestonts songs top 12.doc
    [2010/06/15 07:56:40 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\What I like that my dad does.doc
    [2010/06/13 16:43:17 | 000,141,667 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\dadfathersday2010.jpg
    [2010/06/13 16:28:04 | 002,819,419 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\Dad2010.jpg
    [2010/06/13 16:22:59 | 000,119,490 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\elliotfathersday2010.jpg
    [2010/06/12 07:35:43 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet is Mel broad.doc
    [2010/06/11 16:20:14 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet idol 2010 is lisa broad.doc
    [2010/06/10 19:43:20 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\3 Qustions using spelling words.doc
    [2010/06/09 16:54:41 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\The winner of quiet idol 2010 is Jake Broa1.doc
    [2010/06/09 16:47:37 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\the winner of quiet idol 2010 is jake broad.doc
    [2010/06/08 19:11:48 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\All of the words for ABC Order.doc
    [2010/06/07 19:22:46 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\8 jazzy sentences.doc
    [2010/06/07 12:36:14 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\vegie chili.doc
    [2010/06/03 20:46:09 | 004,479,558 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\babaO.mp3
    [2010/06/03 14:33:26 | 170,881,748 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod092608.mp3
    [2010/06/03 14:31:06 | 135,366,921 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod110708.mp3
    [2010/06/03 14:29:10 | 106,386,020 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\deadpod122608.mp3
    [2010/06/01 16:07:43 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\4 Jazzy sentences.doc
    [2010/05/31 19:13:11 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\utensils and work suplises.doc
    [2010/05/28 21:59:35 | 138,135,339 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\dead 8-25-72.mp3
    [2010/05/28 18:47:33 | 000,015,439 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\cutting_shapes.pdf
    [2010/05/25 14:56:31 | 000,038,912 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\butterfly.doc
    [2010/05/24 15:51:25 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\6 Jazzy sentences.doc
    [2010/05/17 16:15:52 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\5 Nouns in sentences.doc
    [2010/05/13 15:22:23 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\4 Jazzy senetnces.doc
    [2010/05/11 16:26:24 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\8 Words for ABC Order.doc
    [2010/05/10 20:50:39 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
    [2010/05/09 21:37:22 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\Mel Broad\pool.bin
    [2010/05/09 21:25:18 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
    [2010/05/09 21:13:22 | 271,060,312 | ---- | C] () -- C:\Documents and Settings\Mel Broad\My Documents\501_b049_multilanguage.exe
    [2010/04/14 09:06:40 | 000,015,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
    [2008/11/21 17:47:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2008/11/21 17:45:16 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
    [2008/11/21 17:45:16 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
    [2008/11/21 17:44:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
    [2008/06/20 21:50:47 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
    [2007/06/11 14:24:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
    [2007/05/13 19:58:44 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
    [2006/05/25 17:49:07 | 000,000,613 | ---- | C] () -- C:\WINDOWS\wizards.ini
    [2006/03/08 23:43:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
    [2006/03/08 23:41:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
    [2006/03/08 20:02:07 | 000,005,852 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
    [2006/03/08 18:39:42 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2006/02/21 15:24:12 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2006/02/21 15:14:57 | 000,000,361 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2006/02/21 15:11:14 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2006/02/21 14:44:40 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2005/08/16 05:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2005/08/05 15:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

    ========== LOP Check ==========

    [2006/02/21 15:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
    [2007/08/16 19:31:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
    [2005/08/16 21:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
    [2010/04/14 11:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
    [2009/08/15 10:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor
    [2010/05/09 21:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
    [2009/08/15 09:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RetroExp
    [2009/08/15 10:15:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
    [2007/02/02 20:02:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2009/06/24 22:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
    [2010/04/19 21:10:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2009/09/12 11:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2009/05/15 22:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [2009/05/15 22:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\dBpoweramp
    [2009/07/23 15:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\IObit
    [2006/09/11 20:59:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\Leadertech
    [2009/07/23 15:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\MSNInstaller
    [2006/03/08 21:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\Nikon
    [2010/05/09 21:44:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\Research In Motion
    [2006/03/15 12:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\Snapfish
    [2009/10/31 08:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\TweakNow RegCleaner
    [2010/06/24 21:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\uTorrent
    [2007/02/12 10:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mel Broad\Application Data\Viewpoint

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 372 bytes -> C:\WINDOWS\System32\drivers\pcppnwtq.sys:changelist
    < End of report >
     
  21. 2010/08/05
    crunchie

    crunchie Inactive

    Joined:
    2010/01/12
    Messages:
    982
    Likes Received:
    5
    And?........
     
